A new RansomExx ransomware strain revised in Rust
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RansomExx is a ransomware variant that operates on a ransomware-as-a-service (RaaS) model and has been active since it first appeared in 2018 as Defray777. The latest version, dubbed RansomExx2 by threat …
Black Basta Ransomware Invades US Firms with Qakbot Malware
Attack Report. Summary: In this latest spear-phishing campaign, the Black Basta ransomware gang employed QakBot malware, aka QBot or Pinkslipbot, to acquire an initial point of entry and migrate laterally through an organization’s network …
Rise in new Royal Ransomware attacks
Attack Report. Summary: The Royal Ransomware is a new form of ransomware used as a service in early 2022, with the objective of gaining access to a victim’s environment, encrypting all their files, and …
Arab countries are being targeted by multiple malware families
Attack Report. Summary: Malicious actors have already begun World Cup-themed phishing attacks targeting specific organizations partnered with the tournament, which are more vulnerable victims in Arab countries. The goal of such assaults could vary, such …
Aurora Botnet evolves into a Stealer
Attack Report. Summary: Aurora was first discovered in Russian-speaking underground forums and was capable of stealing, downloading, and gaining remote access. A threat actor by the name of Cheshire is selling this Malware-as-a-Service. …
Atlassian Addresses Issues in Crowd and Bitbucket Products
Vulnerability Report. Summary: Atlassian has two security holes that can be abused to allow arbitrary code execution. CVE-2022-43782 allows an intruder connecting from an IP address on the allow list to authenticate as the …
Chinese APT Earth Preta runs spearphishing campaigns
Actors Report. Summary: Earth Preta, an APT gang, staged a large-scale cyber espionage campaign in which the malware was transmitted via spear-phishing emails. The actors use various strategies to avoid detection and analysis, such …
RapperBot Campaign Launches DDoS Attacks on Game Servers
Attack Report. Summary: The new RapperBot malware version creates a botnet capable of launching Distributed Denial of Service (DDoS) attacks. The latest version can launch Telnet brute-force strikes, DoS attacks using the Generic Routing …
Heimdal addresses multiple vulnerabilities in v7.7.1
Vulnerability Report. Summary: Heimdal has addressed bugs in Heimdal KDC. A remote intruder can use unwrap_des3() to induce a buffer overflow in Heimdal GSSAPI, leading to a denial of service or remote code …