Dalbit Threat Actor Launches Attack Campaign Against Multiple Korean Organizations
Actor Report. Summary: Dalbit is a threat actor group that has been active since at least 2022. They have been targeting South Korean companies, with more than 50 confirmed attack attempts so far. The …
Citrix Resolves Vulnerabilities in Virtual Apps and Workspace Apps
Vulnerability Report. Summary: Citrix Systems has addressed vulnerabilities in its Virtual Apps and Desktops, as well as Workspace Apps products, that could potentially enable attackers with local access to the target to elevate their …
Red Eyes Exploits Hangul EPS Vulnerability and Steganography to Spread Malware
Attack Report. Summary: The Red Eyes group used an old vulnerability in the Hangul word processor to spread malicious code via steganography, stealing personal PC information and mobile phone data, and executing C&C commands using …
Microsoft tackles three actively exploited zero-day vulnerabilities and several other bugs
Vulnerability Report. Summary: In February 2023’s Patch Tuesday, Microsoft released a patch that addressed 75 vulnerabilities, including three zero-days. The patch addressed 12 Elevation of Privilege vulnerabilities, 2 Security Feature Bypass vulnerabilities, 36 …
Emerging MortalKombat Ransomware and Laplas Clipper Malware Targeting Cryptocurrency
Attack Report. Summary: An unidentified actor is using the MortalKombat ransomware and a Go variant of the Laplas Clipper malware to steal cryptocurrency from victims. This campaign aims to steal or demand ransom payments in …
New China-based Group Expands Operations to Compromise Diplomatic Targets in South America
Actor Report. Summary: The China-based cyber espionage group DEV-0147 has expanded its data exfiltration operations to include diplomatic targets in South America, in addition to targeting government agencies and think tanks in Asia and …
Revealing the Tonto Team’s Latest Hacks and Menaces
Actor Report. Summary: The Tonto Team, a Chinese hacking group, has been linked to attacks on various Asian and Eastern European organizations. In June 2022, an advanced persistent threat (APT) attempted to hack a …
Apple Addressed A Zero-day Vulnerability With An Emergency Security Update
Vulnerability Report. Summary: Apple has released an emergency security update to fix a zero-day vulnerability, CVE-2023-23529, that could be used to hack iPhones, iPads, and Macs. The vulnerability was found in WebKit and could …
Russian Hacker Group Disrupts Relief Efforts for Turkey-Syria Earthquake with DDoS Attacks
Attack Report. Summary: Killnet, a Russian hacker group, disrupted relief efforts for the Turkey-Syria earthquake by carrying out DDoS attacks, taking down the websites of NATO Special Operations Headquarters and Strategic Airlift Capability. …
Russia-linked Nodaria group employs Graphiron information stealer
Attack Report. Summary: A cyber espionage group linked to Russia, known as Nodaria, has been spotted deploying a newly created information-stealing malware named Graphiron in attacks aimed at Ukraine. The malware, coded in Go, …