New Botnet named Zerobot Exploiting Multiple Vulnerabilities
Vulnerability Report. Summary: A new botnet named ‘Zerobot’ has two variants, both written in the Go programming language. The first variant was discovered on 18 Nov 2022, and within a short time, on 24 Nov …
US Defense & NGOs fall prey to Russian hackers
Actors Report. Summary: Russian state-sponsored group Calisto is linked to spoofing Microsoft login pages of Global Ordnance, a legitimate U.S. military weapons and hardware supplier. According to some, the themed domains are likely an …
BlackMagic Ransomware disrupts the Israeli logistics sector
Attack Report. Summary: The latest ransomware entity, known as “BlackMagic”, has emerged. This gang targets its victims using a double extortion approach in which it initially exfiltrates the victim’s data, followed by encryption, and …
Linux flaws could be chained together to achieve root access
Vulnerability Report. Summary: Two vulnerabilities (CVE-2022-41974 and CVE-2022-41973) can either be exploited individually or in combination to lead to local privilege escalation, the first potentially causing a symlink attack and the second causing an …
BackdoorDiplomacy targets the telecom industry in the Middle East
Actor Report. Summary: BackdoorDiplomacy, an advanced persistent threat (APT) gang with roots in China, is most likely behind a hostile campaign targeting the Middle East. The espionage action, aimed at a Middle Eastern telecom …
Buffer Overflow vulnerability in FreeBSD
Vulnerability Report. Summary: A vulnerability in FreeBSD ping has been discovered that could allow remote code execution. A remote host can trigger the memory safety bug, causing the ping program to crash. Ping runs …
Attackers target Telecommunications sector to gain network access
Attack Report. Summary: To gain initial access, the adversary used social engineering to impersonate IT staff, using phone calls, SMS, and/or Telegram. When the adversary gains access to the target environment, it performs constant …
Recent Lazarus campaign leveraged Crypto App to spread AppleJeus malware
Attack Report. Summary: The Lazarus Group threat actor was observed employing fake cryptocurrency apps as a ruse to transmit a previously unidentified version of the AppleJeus malware masquerading as malicious Microsoft Office documents. AppleJeus …
Google Chrome’s ninth zero-day in 2022
Vulnerability Report. Summary: CVE-2022-4262 is the fourth actively exploited type confusion bug in Chrome addressed by Google and the ninth zero-day flaw exploited in the wild in 2022. The bug exists as a result …