RisePro: A New Threat Emerges on the Russian Online Marketplace
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RisePro is a type of malware that has been designed to steal sensitive information from infected computers and send it back to the attacker. It was first seen being sold on …
Apple addresses macOS Dirty Cow, Achilles, and other flaws
Threat Level Vulnerability Report Summary Apple addressed multiple vulnerabilities in macOS Monterey. These vulnerabilities affect different functionalities such as Bluetooth, BOM, DriverKit, File System, IOHIDFamily, Kernel, and Preferences. Some of these vulnerabilities could be exploited by …
Outlining a new SiestaGraph backdoor
Threat Level Attack Report Summary The Foreign Affairs Office of an Association of Southeast Asian Nations (ASEAN) member is being targeted by multiple threat actors who are coordinating active campaigns via a vulnerable Microsoft Exchange server. Upon …
Multiple Old Vulnerabilities Actively Exploited in Cisco Products
Threat Level Vulnerability Report Summary Several old security vulnerabilities are being actively exploited in Cisco IOS, NX-OS, and HyperFlex software, some of which can be exploited to bypass authentication and gain full control of the impacted system. …
Samba addressed a series of severe vulnerabilities
Threat Level Vulnerability Report Summary Samba is a free, open-source Windows interoperability package that provides file server, printer, and Active Directory services for Linux, Unix, and macOS operating systems. Samba has resolved a set of flaws that, …
Agenda ransomware made its return with a Rust variant
Threat Level Attack Report Summary In addition to BlackCat, Hive, Luna, and RansomExx, Agenda is the latest ransomware strain to use the cross-platform programming language Rust. Ransomware-as-a-service (RaaS) group Agenda, attributed to an operator named Qilin, …
VMware tackles security flaws in ESXi and vRealize
Threat Level Vulnerability Report Summary VMware addressed a critical-severity vulnerability affecting ESXi, Workstation, Fusion, and Cloud Foundation, as well as a critical-severity command injection flaw impacting vRealize Network Insight. CVE-2022-31705 is a …
China-based MirrorFace APT group targeting Japanese Political Entities
Threat Level Actor Report Summary A Chinese-speaking APT group named MirrorFace has been running a spearphishing campaign that delivers the LODEINFO backdoor, targeting Japanese political entities since June 29, 2022. The campaign is named …
Mallox Ransomware is Ramping up its Operation
Threat Level Attack Report Summary Mallox ransomware strains have been spotted in the wild, indicating that the ransomware is operational, propagating rapidly, and infecting entities. An unknown .NET-based loader distributes these Mallox ransomware samples. The loader …
A New GoLang Botnet named GoTrim BruteForcing multiple CMS
Threat Level Attack Report Summary A new botnet, GoTrim, has been scanning and brute-forcing websites running four content management systems (WordPress, DataLife Engine, Joomla!, and OpenCart). The GoTrim botnet is written in the Go programming language …