A new strain of Punisher ransomware
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: A new variant of the Punisher ransomware is spreading via a phishing website that delivers ransomware disguised as a COVID tracking application. Punisher Encryptor is a .NET binary that runs on Windows …
Actively Exploited Zero-Day Bug in Chrome
Threat Level Vulnerability Report. Summary: CVE-2022-4135 is a high-severity heap buffer overflow issue that affects the GPU component. The fault is caused by a boundary error in the GPU while processing untrusted HTML input. An attacker …
A new RansomExx ransomware strain revised in Rust
Threat Level Attack Report. Summary: RansomExx is a ransomware variant that operates on a ransomware-as-a-service (RaaS) model and has been active since it first appeared in 2018 as Defray777. The latest version, dubbed RansomExx2 by threat …
Black Basta Ransomware Invades US Firms with Qakbot Malware
Threat Level Attack Report. Summary: In this latest spear-phishing campaign, the Black Basta ransomware gang employed QakBot malware, aka QBot or Pinkslipbot, to acquire an initial point of entry and migrate laterally through an organization’s network …
Rise in new Royal Ransomware attacks
Threat Level Attack Report. Summary: The Royal Ransomware is a new form of ransomware used as a service in early 2022, with the objective of gaining access to a victim’s environment, encrypting all their files, and …
Arab countries are being targeted by multiple malware families
Threat Level Attack Report. Summary: Malicious actors have already begun World Cup-themed phishing attacks targeting specific organizations partnered with the tournament, which are more vulnerable victims in Arab countries. The goal of such assaults could vary, such …
Aurora Botnet evolves into a Stealer
Threat Level Attack Report. Summary: Aurora was first discovered in Russian-speaking underground forums and was capable of stealing, downloading, and gaining remote access. A threat actor by the name of Cheshire is selling this Malware-as-a-Service. …
Atlassian Addresses Issues in Crowd and Bitbucket Products
Threat Level Vulnerability Report. Summary: Atlassian has two security holes that can be abused to allow arbitrary code execution. CVE-2022-43782 allows an intruder connecting from an IP address on the allow list to authenticate as the …
Chinese APT Earth Preta runs spearphishing campaigns
Threat Level Actors Report. Summary: Earth Preta, an APT gang, staged a large-scale cyber espionage campaign in which the malware was transmitted via spear-phishing emails. The actors use various strategies to avoid detection and analysis, such …
RapperBot Campaign Launches DDoS Attacks on Game Servers
Threat Level Attack Report. Summary: The new RapperBot malware version creates a botnet capable of launching Distributed Denial of Service (DDoS) attacks. The latest version can launch Telnet brute-force strikes, DoS attacks using the Generic Routing …