Titan Stealer – A Cross-Platform Information Stealer Malware Distributed by Threat Actors
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Titan Stealer is a cross-platform information stealer malware actively distributed by a threat actor through a Telegram channel, capable of stealing various information from infected Windows machines and providing the attacker …
Chrome 109 addresses an array of security flaws
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome’s latest stable channel update for Windows, Mac, and Linux addresses a number of security flaws. The flaws allow a remote attacker to get access to potentially sensitive information by …
Brazil’s manufacturing industry under attack by Vice Society ransomware group
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Vice Society ransomware group is a cyber threat group that made headlines in late 2022 and early 2023 for a series of attacks against various targets, including the rapid transit …
VMware addresses Security Flaws in vRealize Log Insight
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary VMware has patched four security flaws in vRealize Log Insight (aka Aria Operations for Logs) that could potentially expose users to remote code execution attacks and allow an unauthenticated attacker to …
DragonSpark Attacks Targeting East Asian Countries Using SparkRAT Malware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Recently, a group of cyber-attacks against organizations in East Asia has been identified and named “DragonSpark”. These attacks are known for using a relatively unknown open-source tool called SparkRAT, which is …
Chinese Threat Actors Leverage Phishing and GuLoader to Distribute Remcos RAT
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The malicious campaign described involves the distribution of a malicious PDF file through email, via phishing. The PDF file in this case redirects victims to a legitimate cloud-based platform, where they …
Unpatched Systems Vulnerable to Spoofed Linked Certificates in KDC
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Windows Server provides Public Key Infrastructure (PKI) technology to enable capabilities such as Encrypting File System (EFS), domain authentication, digital signatures, and email security. Misconfigurations in Active Directory Certificate Services (AD …
A New Malware Called Album Stealer is Targeting Facebook Users
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Album Stealer is a malware that disguises itself as a photo album and drops decoy adult images while performing malicious activity in the background. It uses a side-loading technique to execute …
Actors, Threats and Vulnerabilities 16 January 2023 – 22 January 2023
For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here Hive Pro identified three active actors during the past week. The first, Earth Bogle, is a notable threat actor known for information theft and espionage. The second, Kasablanka, …