Aiohttp Vulnerability Leveraged by ShadowSyndicate
Summary: The cybercriminal group ‘ShadowSyndicate’ has been detected scanning for vulnerable servers, aiming to exploit a recently addressed vulnerability in the widely-used Aiohttp library. This exploit, if successful, could lead to unauthorized access to sensitive data on servers globally, posing a significant threat to organizations relying on …
Earth Krahang APT Campaign Targeting Global Governments
Summary: Earth Krahang, an APT campaign since 2022, targets global government entities, employing spear phishing and server exploitation tactics. Operating independently but with potential links to Chinese threat actors, it utilizes malware like Cobalt Strike and XDealer for espionage, urging organizations to bolster security measures and patch …
Critical Flaw In WordPress Plugins Poses Risk Of Site Takeover
Summary: Because of a critical security vulnerability in WordPress, identified as CVE-2024-2172, users of miniOrange’s Malware Scanner and Web Application Firewall plugins are urged to uninstall these plugins from their websites. This vulnerability enables unauthorized attackers to gain administrative privileges by altering the user password. Threat Level – …
Attacks, Vulnerabilities and Actors 11 to 17 March 2024
For a detailed threat digest, download the pdf file here. Summary: HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, HiveForce Labs discovered eight executed attacks, uncovered ten vulnerabilities, and identified two active adversaries. These findings underscore …
Cisco IOS XR Flaws Enable Privilege Elevation and DoS Attacks
Summary: Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, posing risks of denial-of-service (DoS) attacks and elevation of privilege. These vulnerabilities are tracked as CVE-2024-20320, CVE-2024-20318, and CVE-2024-20327. Threat Level – Amber | Vulnerability Report For a detailed threat advisory, download the …
Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites
Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in the WP Statistics plugin allows attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or site compromise. Update promptly to …
Magnet Goblin Strikes Public-Facing Servers
Summary: Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family, which also includes NerbianRAT and MiniNerbian. Threat Level – Red | Actor Report For a detailed threat advisory, download the pdf …
TimbreStealer Focuses On Mexico With Social Engineering
Summary: Since at least November 2023, there has been a persistent phishing spam campaign targeting potential victims in Mexico. The campaign entices users to download TimbreStealer, a new information stealer that has been disguised. This campaign uses financial-themed phishing emails to lure consumers into running …
Fortinet Releases Patches for Critical Vulnerabilities in Various Products
Summary: A critical SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS software enables attackers to execute unauthorized code or commands via specially crafted HTTP requests. Additionally, two other critical bugs in FortiOS and FortiProxy have been addressed. Update promptly to patched versions to prevent potential exploitation. Threat …