Iranian-linked hacker group victimized Israel’s shipping industry
Actor Report. Summary: An Iranian threat group (UNC3890) used social engineering lures and a watering hole to jeopardize Israel’s shipping, government, energy, aviation, and healthcare sectors. This campaign has been running since at least late 2020 …
Two zero-day vulnerabilities in macOS when chained can take over the entire system
Vulnerability Report. Summary: Two zero-day vulnerabilities have been discovered in Apple macOS. Both could allow an attacker to execute arbitrary code. These new issues bring the total number of zero-day vulnerabilities discovered in the Apple …
Chrome’s zero-day flaw allows arbitrary code execution
Vulnerability Report. Summary: A vulnerability (CVE-2022-2856) in Google Chrome has been exploited in the wild. Additionally, Chrome has addressed several other use-after-free vulnerabilities in multiple components, including FedCM, SwiftShader, ANGLE, and Blink. …
Unknown Attackers exploit several vulnerabilities in Zimbra Collaboration Suite
Attack Report. Summary: The Zimbra Collaboration Suite (ZCS) email servers experienced multiple breaches between July and early August 2022. The exploitation of CVE-2022-27925, a remote-code-execution (RCE) vulnerability in ZCS, was most likely the cause of …
APT-C-35 infection chain adds novel Windows framework modules
Actor Report. Summary: APT-C-35 is an advanced persistent threat actor that has been active since 2016. The gang has upgraded its Windows spyware architecture, dubbed YTY, Jaca. They target South Asian government and military institutions, …
Vulnerabilities & Threats that Matter 08 – 14th Aug
Published Vulnerabilities: 563; Interesting Vulnerabilities: 14; Active Threat Groups: 3; Targeted Countries: 69; Targeted Industries: 08; ATT&CK TTPs: 71. Summary: The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of which 14 …
BlueSky ransomware incorporates multithreading to expedite encryption
Attack Report. Summary: BlueSky ransomware is actively targeting businesses and demanding a ransom. It appears that they have ties with the Conti ransomware group. The malware is now primarily targeting Windows hosts and uses multithreading …
Zeppelin ransomware targets organizations in Europe and USA
Attack Report. Summary: Zeppelin, the newest member of the Delphi-based Vega ransomware family, has been quite clever in meticulously tailoring these ransomware operations. Zeppelin, first identified in 2019 as ransomware-as-a-service (RaaS), has been predominantly …