Weekly Threat Digest: 14 – 20 March 2022
For a detailed threat digest, download the pdf file here.
Published Vulnerabilities: 567 | Interesting Vulnerabilities: 22 | Active Threat Groups: 5 | Targeted Countries: 36 | Targeted Industries: 15 | ATT&CK TTPs: 60
The third week of March 2022 witnessed the discovery of 567 vulnerabilities out of which 22 gained …
Berkeley Internet Name Domain (BIND) affected by multiple vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. The Internet Systems Consortium (ISC) has published security upgrades to address several vulnerabilities in the widely used Berkeley Internet Name Domain (BIND) server software. An attacker could take advantage of some of these vulnerabilities …
Environment Variables Leak affects Multiple browsers
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A system environment variables leak security bug was found in Chromium version 92. Multiple web browsers are based on the Chromium engine, such as Google Chrome, Microsoft Edge, Opera, and Brave. Most of them …
Major Content Management Systems affected by Multiple vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Several flaws in well-known content management systems WordPress and Drupal have been uncovered. A content management system, or CMS, is software that allows users to create, manage, and edit website content without requiring specialist …
New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware groups
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Exotic Lily was first discovered exploiting a zero-day vulnerability in Microsoft MSHTML (CVE-2021-40444), which piqued the curiosity of researchers as a potentially sophisticated threat actor. Following additional analysis, it was revealed that the group …
Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued an alert warning enterprises that Russian state-sponsored cyber attackers have obtained network access by exploiting default MFA protocols …
Russian threat actor UAC-0056 targets European countries
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) has released an alert about a Russian threat actor UAC-0056 (SaintBear, UNC2589, TA471) delivering malware via email attachments. UNC2589 is a cyber espionage cluster that …
Multiple Google Chrome Vulnerabilities affect all Platforms
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. Chrome versions prior to 99.0.4844.74 on Windows, Mac, and Linux are affected. The vendor has released fixes for ten vulnerabilities that allow an attacker to gain control of a vulnerable system. Nine of the ten Chrome vulnerabilities …
Attackers could gain root access using vulnerability in Linux Kernel Netfilter Firewall
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A flaw in the Linux kernel has been discovered. If exploited, this flaw could allow a local attacker to gain privileges on targeted systems, allowing them to escape containers, execute arbitrary code, or cause …