Did Patch Tuesday address the zero-day flaw in Microsoft Exchange
Vulnerability Report. Summary: Microsoft addresses two new zero-day vulnerabilities: CVE-2022-41033, an Elevation of Privilege vulnerability exploited in the wild, and CVE-2022-41043, an Information Disclosure vulnerability that was publicly disclosed. Microsoft has not released …
The surge of cryptojacking campaigns
Attack Report. Summary: In recently disclosed cryptojacking campaigns, intruders exploited DLL side-loading issues in Microsoft OneDrive by writing a fake secur32.dll file to establish persistence and operate undetected on compromised systems. …
POLONIUM employs backdoors to target Israel
Actor Report. Summary: POLONIUM is a cyber espionage gang that leverages OneDrive and Dropbox cloud services for command and control (C&C) by employing a custom toolkit that includes seven backdoors and various spying modules …
Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite
Vulnerability Report. Summary: An unpatched remote code execution (RCE) vulnerability in the Zimbra Collaboration Suite (ZCS), CVE-2022-41352, is being actively exploited. It empowers attackers to upload arbitrary files and execute malicious operations on …
Vulnerability in Fortinet allows authentication bypass
Vulnerability Report. Summary: FortiOS, FortiProxy, and FortiSwitchManager have an authentication bypass vulnerability, CVE-2022-40684, that could allow remote attackers to access the administrative interface and take control of the entire network …
Eternity Threat group is actively evolving its malware arsenal
Attack Report. Summary: The Eternity threat group (also known as Eternity Team or Eternity Project), a Russian “Jester Group”-affiliated threat group, has been active since at least January 2022. Eternity uses a malware-as-a-service subscription …
BlackByte uses a new attack technique to target vulnerable Windows drivers
Attack Report. Summary: BlackByte Ransomware is leveraging a security flaw in a legitimate Windows driver to conduct a new bring your own vulnerable driver (BYOVD) attack. …
Zero-day vulnerabilities in Microsoft Exchange Server
Vulnerability Report. Summary: Microsoft Exchange Server has two zero-day vulnerabilities. One of them is a Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-41040), while the second is a remote code execution (RCE) vulnerability (CVE-2022-41082) in PowerShell. An authenticated …
Sophos Zero-day vulnerability becomes target for attackers
Vulnerability Report. Summary: A zero-day vulnerability in the User Portal and WebAdmin of Sophos Firewall has been tracked as CVE-2022-3236. This vulnerability is being used by some unknown attackers to target organizations in South …