Multiple ransomware groups target open RDP ports
Attack Report. Summary: Threat actors are launching many ransomware attacks against exposed Remote Desktop services. At present, five ransomware families are attacking open RDP ports. …
Do you know about an emerging new infostealer malware named DuckLogs?
Attack Report. Summary: DuckLogs is a new info-stealing malware variant that is sold as a Malware-as-a-Service (MaaS) product. It captures and exfiltrates data from infected PCs such as credentials, cookies, crypto wallets, browser data, and …
Google addressed an array of bugs with Chrome 108
Vulnerability Report. Summary: Google Chrome’s latest stable channel update for Windows, Mac, and Linux fixes several vulnerabilities. There are eight high-severity security flaws and 14 medium-severity flaws. The most significant of these flaws is …
Chinese cyber espionage hackers target Southeast Asian firms
Attack Report. Summary: UNC4191, a threat actor with a suspected China affiliation, has been linked to a series of espionage assaults primarily in Southeast Asia that use USB sticks as an initial infection vector. …
How ScarCruft APT group enhances its toolkit with a powerful Dolphin backdoor
Attack Report. Summary: ScarCruft, aka Reaper, APT 37, and Ricochet Chollima, is a North Korean espionage group active since 2012. ScarCruft has targeted a South Korean newspaper with a watering hole attack in the last year. In …
Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign
Attack Report. Summary: An active “Bleed You” campaign is leveraging a critical RCE (CVE-2022-34721) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions to assist subsequent malware and ransomware assaults and lateral network movement. …
A new strain of Punisher ransomware
Attack Report. Summary: A new variant of the Punisher ransomware is spreading via a phishing website that delivers ransomware disguised as a COVID tracking application. Punisher Encryptor is a .NET binary that runs on Windows …
Actively Exploited Zero-Day Bug in Chrome
Vulnerability Report. Summary: CVE-2022-4135 is a high-severity heap buffer overflow issue that affects the GPU component. The fault is caused by a boundary error in the GPU while processing untrusted HTML input. An attacker …