Several vulnerabilities are addressed by Fortinet across its product range
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet addressed security vulnerabilities across its products, most notably FortiADC, which has a high-severity command injection bug listed as CVE-2022-39947 due to incorrect input validation in the web GUI. A remotely …
A New Emerging CatB Ransomware Using DLL Hijacking to Evade Detection
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CatB is a ransomware that uses a technique called DLL hijacking to evade detection. It does this by injecting itself into the Microsoft Distributed Transaction Coordinator (MSDTC) service, a legitimate Windows …
Synology addresses the RCE vulnerability that affects VPN Plus servers
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Synology has addressed a flaw in VPN Plus Server that has the potential to take control affected systems. The vulnerability, identified as CVE-2022-43931, is an out-of-bounds write fault in Synology VPN …
Linux malware leverages plugin exploits to backdoor WordPress sites
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary WordPress sites are being exploited by an unidentified strain of Linux malware that exploits flaws in plugins and compromises the sites by injecting malicious JavaScripts that are run sequentially until one …
Malware Distribution via Google PPC by IcedID Botnet Distributors
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The IcedID botnet has been using Google pay-per-click ads to distribute itself through malvertising attacks since December 2022. Malvertising involves the use of malicious ads that are displayed in search results …
WordPress plugin has been exploited in the wild to mount backdoors
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Malicious actors are actively exploiting a critical vulnerability in the YITH WooCommerce Gift Cards Premium WordPress plugin in order to plant backdoors on e-Commerce sites. The security flaw (CVE-2022-45359) exists due …
Trading platforms are in jeopardy due to ArkeiStealer
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Threat actors are currently disseminating ArkeiStealer via Windows Installer binaries disguised as trading applications. The trading application has been backdoored with the SmokeLoader downloader, which also includes an information stealer. …
New Ransomware Variants Created Using Leaked Conti Source Code
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The leaked source code of the Conti ransomware has been used to create new strains of the ransomware. These new strains include Putin Team, ScareCrow, BlueSky, and Meow ransomware are being …
The Linux kernel has several security flaws
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The Linux kernel is vulnerable to a vulnerability that allows remote attackers to execute arbitrary code on affected installations. This vulnerability can be exploited without authentication, but only on systems that …
Bluenoroff Bypasses MoTW to Target Japanese Organizations
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Bluenoroff is known for targeting financial institutions and government organizations and has been active since at least 2014. From September onwards Bluenoroff threat actors added a new feature, that bypasses the …