Multiple government entities targeted by China-linked Daxin malware
THREAT LEVEL: Red. Daxin, a technologically advanced and previously undocumented malware, was used as an advanced persistent threat (APT) weapon by a China-linked actor against government critical infrastructure across the globe. This malware can read and write arbitrary …
Zero-day vulnerability in Zimbra servers being exploited in the wild
THREAT LEVEL: Red. A zero-day cross-site scripting (XSS) vulnerability has been discovered in the Zimbra email software. A threat actor is taking advantage of this issue by launching a targeted spear-phishing attack named Operation EmailThief. Two attack …
Zabbix affected by two actively exploited vulnerabilities
THREAT LEVEL: Red. Multiple security vulnerabilities have been discovered in the Web Frontend component of Zabbix (open-source network traffic monitoring software), in the implementation of client-side session storage, and are being actively exploited according to CISA. Successful exploitation of these vulnerabilities …
Chinese APT group targets financial institutions in the campaign “Operation Cache Panda”
THREAT LEVEL: Red. Chinese threat actor APT10 conducted a series of large-scale supply chain attacks that exclusively targeted the financial software systems of Taiwanese financial institutions from the end of November 2021 until the middle of February …
Millions of WordPress site backups at risk due to a vulnerability in UpdraftPlus plugin
THREAT LEVEL: Amber. UpdraftPlus is a backup tool for WordPress files, databases, plug-ins, and themes that allows you to create, restore, and migrate backups. UpdraftPlus is utilized by more than three million WordPress websites, according to its …
Privilege Escalation Vulnerability in Snap Package Manager puts Linux users at risk
THREAT LEVEL: Amber. A privilege escalation vulnerability has been identified in Canonical's Snap software package manager that affects Linux-based operating systems. Successful exploitation of this issue might allow an attacker to escalate privileges and gain root …
Apache Cassandra database affected by easily exploitable remote code execution flaw
THREAT LEVEL: Amber. Apache Cassandra is database software used by many companies such as Uber, Facebook, Netflix, Twitter, Instagram, Spotify, Instacart, Reddit, and Accenture. A remote code execution flaw (CVE-2021-44521) has been reported which is easily …
Russian state-sponsored cyber actors targeting U.S. critical infrastructure
THREAT LEVEL: Red. In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) revealed that Russian state-sponsored threat actors targeted U.S. defense contractors from …
BlackCat Ransomware group attacks on the rise
THREAT LEVEL: Red. The BlackCat ransomware gang, also known as ALPHV, has targeted around 25 organizations belonging to multiple sectors globally since November 2021. The group has claimed responsibility for the recent cyber attack on Swissport which …