Prophet Spider exploits Log4j and Citrix vulnerabilities to deploy webshells
THREAT LEVEL: Red. Prophet Spider is a well-known Initial Access Broker (IAB) group. Prophet Spider’s tradecraft continues to evolve as it exploits known web-server vulnerabilities such as those in Citrix and Log4j. A remote code execution (RCE) vulnerability (CVE-2021-22941) affecting Citrix …
Mozilla releases Security Advisories for multiple vulnerabilities affecting Firefox and Firefox ESR
THREAT LEVEL: Green. Mozilla addressed multiple security vulnerabilities by releasing two security advisories, and four of the bugs have high impact. One of the four vulnerabilities is a Time-of-Check Time-of-Use bug (CVE-2022-26387), which occurs when installing an …
RagnarLocker Ransomware hits Critical Infrastructure Compromising 50+ Organizations
THREAT LEVEL: Red. The Federal Bureau of Investigation (FBI) has released an alert on a RagnarLocker campaign that has affected nearly 52 organizations encompassing 10 critical infrastructure sectors, including entities in significant manufacturing, energy, financial services, government, and …
Multiple security vulnerabilities in Adobe After Effects and Illustrator
THREAT LEVEL: Green. Adobe addressed 5 security flaws in Illustrator and After Effects. According to Adobe, none of the vulnerabilities have been exploited so far. Successful exploitation of any of the five vulnerabilities listed below could allow …
Chinese state-sponsored threat group APT41 targets U.S. critical organizations using two Zero-Days
THREAT LEVEL: Red. A Chinese state-sponsored threat group known as APT41 has been observed compromising at least six U.S. state government networks in a threat campaign beginning in May 2021. APT41 is a well-known Chinese state-sponsored espionage outfit …
Microsoft addressed three zero-day vulnerabilities in March 2022 Patch Tuesday Update
THREAT LEVEL: Red. Microsoft addressed 71 vulnerabilities in its March 2022 Patch Tuesday Update. This advisory covers six vulnerabilities, of which three have been rated critical in severity and three of …
Dirty Pipe: A privilege escalation vulnerability in Linux Kernel
THREAT LEVEL: Red. A vulnerability in the Linux kernel has existed since version 5.8 and allows overwriting data in arbitrary read-only files. Because unprivileged processes can inject code into root processes, this results in privilege escalation. It has …
Two actively exploited Zero-Day vulnerabilities discovered in Mozilla Firefox
THREAT LEVEL: Red. Two critical zero-day vulnerabilities have been identified in Mozilla Firefox that are being exploited in the wild and tracked as CVE-2022-26485 and CVE-2022-26485. Both are use-after-free bugs that exist in XSLT parameter processing and the WebGPU …
Linux Distributions affected by a privilege escalation vulnerability
THREAT LEVEL: Amber. A new privilege escalation vulnerability has been reported that affects all the major releases of the Linux kernel and is being tracked as CVE-2022-0492. The issue primarily affects the Linux kernel feature known as control …
Thousands of GitLab instances impacted by multiple security flaws
THREAT LEVEL: Amber. Multiple security vulnerabilities have been discovered by researchers in GitLab, an open-source DevOps software. Some of these flaws could allow an unauthenticated remote attacker to retrieve all information linked to GitLab users and further …