OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in OpenSSL software library that could lead to a denial-of-service (DoS) condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate with invalid explicit elliptic-curve …
Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes’ Container Runtime Interface (CRI), was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack …
Russia under Attack from New RURansom Wiper
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A series of Wiper Malware attacks have been launched in the continuing cyber war between Russia and Ukraine. Researchers have discovered the RURansom wiper malware, which adds to the current collection of harmful malware. …
Pandora Ransomware Targets Multiple Plants around the Globe
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Pandora ransomware is a new operation that targets business networks and obtains data for double-extortion assaults and active since March 2022. DENSO, a Japanese auto parts manufacturer’s plant in Germany, and Global Wafers Japan, …
LockBit 2.0 Ransomware affiliates targeting Renowned Organizations
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Since September 2021, LockBit 2.0 has targeted 500+ organizations in vital areas globally. The most recent attack targeted well-known tire producer Bridgestone, software behemoth Accenture, and the French Ministry of Justice. LockBit 2.0 ransomware …
Destructive data wipers and worms targeting Ukrainian organizations
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have jointly released an advisory and warned of an ongoing cyber attack using destructive malware targeting organizations in Ukraine that allows …
Weekly Threat Digest: 7 – 13 March 2022
For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 538 16 3 42 19 89 The second week of March 2022 witnessed the discovery of 538 vulnerabilities out of which 16 gained …
Mustang Panda targets European diplomats using enhanced PlugX backdoor
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known …
Prophet Spider exploits Log4j and Citrix vulnerabilities to deploy webshells
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Prophet Spider is a well-known Initial Access Broker (IAB) group. Prophet Spider’s tradecraft continues to grow while exploiting known web-server vulnerabilities such as Citrix and Log4j. A remote code execution (RCE) vulnerability(CVE-2021-22941) affecting Citrix …
Mozilla release Security Advisories for multiple vulnerabilities affecting Firefox and Firefox ESR
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Mozilla addressed multiple security vulnerabilities by releasing two security advisories and four of the bugs have high impact. One of the four vulnerabilities is a Time-of-Check Time-of-Use bug (CVE-2022-26387), which occurs when installing an …