What can you do about the critical vulnerability in OpenSSL 3.0
Vulnerability Report. Summary: OpenSSL has a critical vulnerability that affects all versions from 3.0 to 3.0.6. Due to the criticality of the vulnerability, OpenSSL has pre-announced the security update for security teams to …
Threat Actors launch a campaign to exploit vulnerability in Fortinet
Attack Report. Summary: The Tailgate campaign is currently being carried out by the threat actors Hafnium and OilRig. The goal of this campaign is to exploit vulnerabilities in Fortinet. The recently discovered vulnerability CVE-2022-40684, which has …
VMware Cloud Foundation has a significant RCE flaw
Vulnerability Report. Summary: A Remote Code Execution (RCE) vulnerability through the XStream open-source library tagged as CVE-2021-39144 in the VMware Cloud Foundation, which is a hybrid cloud platform for hosting enterprise workloads in private …
Stranger Strings: A 22-year-old vulnerability in SQLite
Vulnerability Report. Summary: A vulnerability in the SQLite library API has been assigned CVE-2022-35737, which could allow an attacker to crash or control programs. …
Lazarus neutralizes antivirus software using BYOVD technique
Actor Report. Summary: The Lazarus group exploits known vulnerabilities within Dream Security’s MagicLine4NX and INITECH INISAFE CrossWEB EX V3 by utilizing the Bring Your Own Vulnerable Driver (BYOVD) technique to neutralize an antivirus program. …
SideWinder APT group’s new arsenal named WarHawk
Actor Report. Summary: The SideWinder APT gang operates espionage campaigns against government, military, and business sectors throughout Asia, primarily Pakistan, by employing the WarHawk backdoor to exfiltrate vulnerable system metadata to a remote server. …
US healthcare organizations targeted by Daixin Team ransomware
Actor Report. Summary: Daixin Team, a ransomware and data extortion group, has been gaining initial access to victims through virtual private network (VPN) servers since June 2022, either by exploiting an unpatched vulnerability in the …
LDR4 is a new Ursnif variant
Attack Report. Summary: In June 2022, a new aspect of the URSNIF malware was identified. Unlike prior URSNIF iterations, this new variation, code-named LDR4, is a backdoor designed to facilitate operations such as …
The Spyder Loader malware targets organizations in Hong Kong
Attack Report. Summary: The Spyder Loader malware was first publicly documented in March 2021. The recent Spyder Loader malware campaign appears to have had the ultimate goal of information theft, and the threat actor …