OldGremlin, a threat actor targeting Russian organizations with phishing emails since 2020
THREAT LEVEL: Amber. After almost a year, OldGremlin made a comeback in March 2022 by resuming their malicious email campaigns against two Russian organizations. Over the last two years, OldGremlin has carried out 13 malicious email campaigns …
Old Zimbra vulnerability used to target Ukrainian Government Organizations
THREAT LEVEL: Amber. The Ukrainian Computer Emergency Response Team (CERT-UA) has issued an alert about a campaign targeting Ukrainian government entities that involves an exploit for an XSS vulnerability in Zimbra Collaboration Suite. The attackers have been …
Two actively exploited vulnerabilities affect multiple VMware products
THREAT LEVEL: Red. Multiple vulnerabilities have been discovered in VMware products. Two of these have been exploited in the wild. The first zero-day vulnerability, CVE-2022-22954, is a server-side template injection flaw. An attacker could exploit this bug …
Google Chrome issues an emergency update to address the third zero-day of year 2022
THREAT LEVEL: Red. A zero-day vulnerability has been discovered in Google Chrome versions prior to 100.0.4896.127. A type confusion vulnerability, tracked as CVE-2022-1364, is said to be exploited in the wild. This vulnerability affects the V8 …
Microsoft Patch Tuesday April 2022 addressed two zero-day vulnerabilities
THREAT LEVEL: Red. Microsoft addressed 128 vulnerabilities in their April Patch Tuesday update. Two of them have been categorized as zero-day vulnerabilities. One of the two zero-days is also being exploited in the wild. The vulnerability, CVE-2022-24521, has been exploited …
Weekly Threat Digest: 4 – 10 April 2022
Published Vulnerabilities: 438
Interesting Vulnerabilities: 3
Active Threat Groups: 3
Targeted Countries: 53
Targeted Industries: 16
ATT&CK TTPs: 54
The second week of April 2022 witnessed the discovery of 438 vulnerabilities out of which 3 gained …
Attacks on European Union and Ukrainian government entities carried out by the Armageddon group
THREAT LEVEL: Red. The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of an ongoing spear-phishing attempt aimed at delivering an email with a malware attachment to Ukrainian government institutions and European state …
APT 10, a state-sponsored Chinese threat group, conducting a global cyber espionage operation
THREAT LEVEL: Red. APT 10, a Chinese state-sponsored advanced persistent threat group, has been attacking government, legal, and religious entities and non-governmental organizations (NGOs) around the world in what appears to be an espionage campaign that has been …
RCE Spring Framework Zero-Day vulnerability “Spring4Shell”
THREAT LEVEL: Red. A zero-day vulnerability has been discovered in the Spring framework, a Java framework that provides infrastructure support for web application development. This vulnerability came to light after a Chinese researcher made a GitHub commit …