Bronze Starlight uses loader malware to deploy ransomware
Actor Report. Summary: Bronze Starlight, a Chinese APT, is deploying ransomware LockFile, AtomSilo, Rook, Night Sky, and Pandora via the HUI loader malware to carry out double extortion. …
Vulnerabilities & Threats that Matter 20 June – 26 June 2022
Published Vulnerabilities: 413; Interesting Vulnerabilities: 14; Active Threat Groups: 4; Targeted Countries: 121; Targeted Industries: 19; ATT&CK TTPs: 33
Summary: The last week of June 2022 witnessed the discovery of 413 vulnerabilities out of which 14 …
50+ firms attacked by Black Basta ransomware group
Actor Report. Summary: Black Basta is a new ransomware family that was discovered in April 2022. The group specifically targets English-speaking countries and has targeted approximately 50 victims in Australia, Canada, New Zealand, …
Unknown threat group continues to exploit Log4j in VMware products
Attack Report. Summary: An unknown APT group is exploiting the Log4j vulnerability affecting VMware Horizon and Unified Access Gateway (UAG) servers to compromise the system and take over the entire network by deploying …
APT28 exploits Follina to deploy CredoMap
Actor Report. Summary: Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux …
Google addresses new vulnerabilities in Chrome
Vulnerability Report. Summary: Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux …
ToddyCat exploits unknown vulnerability in Microsoft Exchange servers to target entities in Europe and Asia
Actor Report. Summary: ToddyCat, an APT group, is deploying web shells by exploiting an unknown vulnerability in Microsoft Exchange servers. The group is initiating a multi-stage infection that aims at governmental bodies in Europe and …
DriftingCloud exploits zero-day in Sophos firewall
Attack Report. Summary: The Chinese APT actor DriftingCloud exploits the RCE vulnerability in Sophos firewall to take over the entire network …
New vulnerability allows attackers to take over an entire WordPress website
Vulnerability Report. Summary: An unauthenticated attacker can call multiple methods in the Ninja Forms class to inject objects and eventually perform Remote Code Execution (RCE). …
Vulnerability in Zimbra that steals clear-text credentials from users
Vulnerability Report. Summary: A new vulnerability in Zimbra allows an attacker to steal cleartext credentials from instances via Memcache injection. Over 200,000 logged-in users can be impacted by the security flaw. …