Brazil’s manufacturing industry under attack by Vice Society ransomware group
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: The Vice Society ransomware group is a cyber threat group that made headlines in late 2022 and early 2023 for a series of attacks against various targets, including the rapid transit …
VMware addresses Security Flaws in vRealize Log Insight
Threat Level Vulnerability Report. Summary: VMware has patched four security flaws in vRealize Log Insight (aka Aria Operations for Logs) that could potentially expose users to remote code execution attacks and allow an unauthenticated attacker to …
DragonSpark Attacks Targeting East Asian Countries Using SparkRAT Malware
Threat Level Attack Report. Summary: Recently, a group of cyber-attacks against organizations in East Asia has been identified and named “DragonSpark”. These attacks are known for using a relatively unknown open-source tool called SparkRAT, which is …
Chinese Threat Actors Leverage Phishing and GuLoader to Distribute Remcos RAT
Threat Level Attack Report. Summary: The malicious campaign described involves the distribution of a malicious PDF file through email, via phishing. The PDF file in this case redirects victims to a legitimate cloud-based platform, where they …
Unpatched Systems Vulnerable to Spoofed Linked Certificates in KDC
Threat Level Attack Report. Summary: Windows Server provides Public Key Infrastructure (PKI) technology to enable capabilities such as Encrypting File System (EFS), domain authentication, digital signatures, and email security. Misconfigurations in Active Directory Certificate Services (AD …
A New Malware Called Album Stealer is Targeting Facebook Users
Threat Level Attack Report. Summary: Album Stealer is a malware that disguises itself as a photo album and drops decoy adult images while performing malicious activity in the background. It uses a side-loading technique to execute …
Tracking the Stealthy Movements of Vidar Info-Stealer Malware
Threat Level Attack Report. Summary: Vidar is an info-stealer malware that was first spotted in the wild in late 2018. It is considered a distinct fork of the Arkei malware family and has a simple business …
CrySIS Ransomware: A Long-Standing Threat with a New Twist
Threat Level Attack Report. Summary: The ransomware family CrySIS, dubbed Dharma, has been advancing since 2016. Its source code was made available to the public, enabling others to customize it for their use. The criminals behind …
A new EmojiDeploy attack has been found in an Azure service
Threat Level Attack Report. Summary: The EmojiDeploy attack chain allows a threat actor to run arbitrary code, steal or delete sensitive data, and compromise a targeted application on Azure by exploiting a remote code execution vulnerability …
Control Web Panel OS Command Injection Exploitation Increases After POC Release
Threat Level Vulnerability Report. Summary: On January 3, 2023, a security researcher published a proof-of-concept exploit for a vulnerability in Control Web Panel (CWP) that allows unauthenticated remote code execution. By January 6, the vulnerability was …