New Post-Exploitation Exfiltrator-22 Ransomware Framework Designed to Evade Detection
Attack Report. For a detailed threat advisory, download the pdf file here. Summary: A new post-exploitation framework called EXFILTRATOR-22 a.k.a. EX-22 appears to have been created by a group operating in North, East, or South-East Asia. The group is skilled in defense evasion and …
Deceptive Discord Campaign Targets Government Entities with PureCrypter Malware
Attack Report. Summary: Government entities in the Asia-Pacific and North American regions have been targeted by a threat actor using the PureCrypter malware downloader. This particular malware has been used to distribute various strains …
Apple Discovers Three New Vulnerabilities in macOS Ventura 13.2
Vulnerability Report. Summary: Apple has updated its macOS Ventura 13.2 advisories to include three new vulnerabilities. One of them is a race condition affecting the crash reporter component, which can allow an attacker to …
Lazarus Strikes with WinorDLL64 Backdoor Discovered in Wslink Malware Loader
Attack Report. Summary: A newly discovered backdoor named WinorDLL64 seems to be associated with the malware downloader Wslink. This revelation suggests that Lazarus, the notorious North Korea-aligned group, may have employed this tool. WinorDLL64 …
Exploiting ChatGPT’s Popularity for Malware Distribution
Attack Report. Summary: The attack on ChatGPT involved the exploitation of its widespread usage to distribute malware and carry out various cyber-attacks, including phishing and typosquatting. …
New Attack Group Clasiopa Targets Materials Research Organization in Asia with Custom Malware
Actor Report. Summary: A new attack group called Clasiopa has been observed targeting materials research organizations in Asia using a distinct toolset that includes a custom malware called Backdoor.Atharvan. It is unclear where Clasiopa …
Icarus a Versatile Infostealer with Rootkit and hVNC Capabilities
Attack Report. Summary: The Icarus Stealer malware is equipped with a Hidden Virtual Network Computing (hVNC) feature, which enables the attacker to generate a concealed desktop and traverse the compromised system without any contact …
Newly Identified Threat Actor Hydrochasma Targets Shipping Companies and Medical Laboratories in Asia
Actor Report. Summary: Hydrochasma is a newly identified threat actor that has been targeting shipping companies and medical laboratories in Asia since October 2022. This group’s primary focus appears to be on intelligence gathering, …
HardBit Ransomware: A Threatening Cyber Attack Targeting Organizations with New Version 2.0
Attack Report. Summary: HardBit is a ransomware strain that focuses on extorting cryptocurrency payments from organizations in exchange for data decryption. It first emerged in October 2022, and a newer version, HardBit 2.0, surfaced …
Injection vulnerability in VMware Carbon Black App Control
Vulnerability Report. Summary: There is an injection vulnerability in VMware, specifically in the Carbon Black App Control product. If a malicious actor, who has privileged access to the App Control administration console, utilizes specially …