Vulnerabilities & Threats that Matter 25 – 31st July
Published Vulnerabilities: 462 | Interesting Vulnerabilities: 7 | Active Threat Groups: 4 | Targeted Countries: 52 | Targeted Industries: 22 | ATT&CK TTPs: 64
Summary: The last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7 …
KNOTWEED exploits zero-days to target US and Europe
Actor Report. Summary: KNOTWEED, an Austria-based private-sector offensive actor (PSOA), is exploiting 0-day vulnerabilities in Windows and Adobe to perform targeted attacks against European and Central American customers using its malware named Subzero. …
APT37 employs Konni malware to target high-level organizations
Actor Report. Summary: The Konni remote access trojan, malware widely used by APT37, is used in the attack campaign to take advantage of high-value targets from countries like the Czech Republic, Poland, …
Evilnum strikes commodities and cryptocurrency Forum
Actor Report. Summary: In recent campaigns, the Evilnum actor group has targeted the Decentralized Finance (DeFi) sector using Evilnum malware. The latest iteration of the Evilnum backdoor employs a diverse set of ISO, Microsoft Word, and …
Hive Pro Welcomes Pierre Noel as New Chief Information Security Officer
New CISO to Support Growth
Milpitas, California, July 28, 2022 — Hive Pro, a cyber security company specializing in Cyber Threat Exposure Management, has appointed Pierre Noel as its new Chief Information Security Officer (CISO). He has been hired with the vision of supporting growth in the company. …
Spyware Group Candiru exploits Chrome Zero-Day to Target Middle East
Attack Report. Summary: Candiru (Saito Tech) spyware used the recently fixed CVE-2022-2294 Chrome zero-day in assaults on journalists, with a substantial portion of the attacks taking place in Lebanon. This recently patched vulnerability in WebRTC is …
Shell Command Injection Vulnerability found in Apache Spark
Vulnerability Report. Summary: Apache Spark recently disclosed a weakness, CVE-2022-33891, which would allow threat actors to execute arbitrary shell commands as a Spark. …
Revamped version of Redeemer Ransomware has been uncovered on Dark Web Forums
Attack Report. Summary: A new version of the free Redeemer ransomware has been discovered on hacker forums, providing inexperienced threat actors with an easy entry into the field of encryption-backed extortion campaigns. The new 2.0 …
APT29 utilizes cloud storage service to deliver malicious payloads
Actor Report. Summary: APT29, a cyber espionage gang, uses cloud storage services such as Google Drive and Dropbox to distribute malware to compromised systems. The gang used a phishing campaign that targeted several Western diplomatic …
Vulnerabilities & Threats that Matter 18 – 24th July
Published Vulnerabilities: 497 | Interesting Vulnerabilities: 11 | Active Threat Groups: 2 | Targeted Countries: Worldwide | Targeted Industries: 6 | ATT&CK TTPs: 33
Summary: The third week of July 2022 witnessed the discovery of 497 vulnerabilities out of which 11 …