MoonBounce: New malware deployed by APT41 in UEFI firmware
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System (OS), the Basic Input Output System (BIOS) chip, and thus persists even after reinstalling your OS or …
SolarWinds Serv-U vulnerability exploited to deliver Log4j attack
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. SolarWinds is affected by a vulnerability (CVE-2021-35247) due to improper input validation when processing LDAP queries in the Serv-U web login screen. Serv-U versions up to 15.2.5 are affected by this flaw and were fixed …
Cisco patched multiple critical vulnerabilities in StarOS Software
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Cisco patched two critical vulnerabilities in Redundancy Configuration Manager for StarOS software. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. An attacker could exploit the remote code execution vulnerability …
FIN8 Hacker group using new ‘White Rabbit’ Ransomware against U.S. Banks
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. White Rabbit is a ransomware family that has only recently been discovered. It could be a subsidiary project of the FIN8 hacking gang. A ransomware expert seeking a sample of the malware made the …
Zoho ManageEngine Desktop Central affected by critical vulnerability
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Zoho has patched a critical vulnerability (CVE-2021-44757) in Desktop Central and Desktop Central MSP, which are unified endpoint management (UEM) solutions. A security vulnerability exists in Desktop Central and Desktop Central MSP that allows …
WordPress plugins affected by critical vulnerability impacting 84,000 websites
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress powers over 43.0% of all the websites on the Internet. A Cross-Site Request Forgery vulnerability (CVE-2022-0215) was discovered in three WordPress plugins. This flaw made it possible for an attacker to update arbitrary …
Ukraine government entities targeted by destructive malware “WhisperGate”
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A malware attack was carried out on Ukrainian government, non-profit, and IT entities with a wiper disguised as ransomware. The threat actor, DEV-0586, targeted government bodies that provide critical executive branch or emergency response functions. …
SnatchCrypto campaign carried out by North Korean APT 38 subsidiary BlueNoroff
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. BlueNoroff, an advanced persistent threat (APT) group that’s part of the larger Lazarus Group associated with North Korea, is behind a series of attacks against small and medium-sized companies that have led to serious cryptocurrency …