Cisco Small Business Routers Vulnerable to Authentication Bypass and Remote Code Execution
Vulnerability Report. Summary: Multiple vulnerabilities were found in the web-based management interface of Cisco Small Business Routers. The authentication bypass vulnerability (CVE-2023-20025) allows an unauthenticated attacker to bypass authentication on an affected device by …
The Vulnerability Discovered in the Cacti Open-Source RRD tool
Vulnerability Report. Summary: A high-severity vulnerability named CVE-2022-46169 has been found in Cacti, a free, open-source, web-based network monitoring and graphing tool designed as a front-end application for the open-source data logging tool RRDtool. …
Pro-Russian Hacktivist Group NoName057(16) Launches Cyber Attacks on Ukraine and NATO Organizations
Actors Report. Summary: NoName057(16) is a pro-Russian hacktivist group that has been conducting a campaign of DDoS attacks on Ukraine and NATO organizations since the early days of the war in Ukraine. The group …
Newly Discovered PoweRAT Malware Distributed through PyPI
Attack Report. Summary: A newly discovered malware called “PoweRAT” combines a stealer and a RAT (remote access tool). The malware is being distributed through the Python Package Index (PyPI), a repository of software for …
GootKit Loader is targeting organizations in the Australian healthcare industry
Attack Report. Summary: Gootkit, also known as Gootloader, is a type of malware known for being used in advanced persistent threat (APT) campaigns. Recently, it has been discovered to be targeting organizations in the …
NeedleDropper malware leverages a memory corruption flaw in Microsoft to disseminate
Attack Report. Summary: A new dropper strain dubbed NeedleDropper is used to distribute multiple malware families. The dropper attempts to obfuscate by dumping numerous useless, invalid files and storing critical data within several MB …
After four months of idleness, Emotet reappears and deploys loaders
Attack Report. Summary: The Emotet banking Trojan was initially found in 2014 as one of the most expensive and damaging malware strains. The phishing efforts that spread Emotet used the same email thread hijacking approach …
Microsoft addresses one actively exploited zero-day and numerous critical vulnerabilities
Vulnerability Report. Summary: Microsoft released a patch on January 2023’s Patch Tuesday addressing 98 vulnerabilities, of which 11 are considered critical. The patch includes fixes for a range of vulnerabilities including 39 Elevation of …
Google releases Chrome 109 with a range of bug fixes
Vulnerability Report. Summary: Google Chrome 109 is being promoted to the stable channel for Windows, Mac, and Linux. It contains a number of bug fixes and improvements, including use after free in Overview Mode, …
PatchWork gang dropped a variant of the BADNEWS Trojan
Actor Report. Summary: Patchwork deployed a variant of the BADNEWS (Ragnatela) Remote Administration Trojan that employed malicious RTF files in its most recent campaign. The group’s project name and control panel are named “Ragnatela,” …