Indian Government targeted by APT-36
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary APT 36, also known as Transparent Tribe, is an information theft and espionage gang that was last active in mid-July 2022. Recently, invasive advertising and the data exfiltration tool LimePad were …
Threat actors buy new BlueFox Stealer to exfiltrate data
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A Russian-speaking user named distamx has been selling BlueFox Stealer as malware-as-a-service since December 2021. A subscription to the customizable malware costs $350 per month on underground forums. BlueFox Stealer attacks …
Exploitation of Follina leads to takeover of domain controller
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The recent incident is related to TA570, wherein the attackers exploited the Follina vulnerability (CVE-2022-30190) to compromise the Domain Controller and eventually gain access to confidential files. …
APT10 distributes LODEINFO malware to deploy infection chains
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The APT 10 cyber espionage gang has been spotted adopting a new stealthy infection chain to deploy the LODEINFO backdoor shellcode to exfiltrate sensitive information to Command and Control (C2). …
Patch available for pre-announced Critical Vulnerability in OpenSSL
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary OpenSSL has released the Patch for the pre-announced critical vulnerability. In the announcement the severity of the vulnerability was Critical based on the fact that it can lead to RCE but …
Privilege Escalation in VMware spring-security
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in VMware’s Spring Security affects the mapping of permitted scope in spring-security-oauth2-client, allowing privilege escalation. …
Google Chrome’s seventh zero-day of 2022
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability has been discovered in Google Chrome versions prior to 107.0.5304.87. A type of confusion vulnerability tracked as CVE-2022-3723 is the seventh zero day of 2022 and is said …
LV Ransomware Exploited ProxyShell to target Jordan
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LV ransomware as a service has been active since late 2020 The most recent infiltration entailed the compromise of the corporate environment of a Jordan based entity, leveraging the double extortion …