FRwL destroys data with Somnia to disrupt operations in Ukraine
Attack Report. Summary: The FRwL (From Russia with Love) group, tracked as UAC-0118, uses a fake website to trick Ukrainian organization employees into downloading the Advanced IP Scanner software. Upon installation, the system is infected with …
Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products
Vulnerability Report. Summary: Citrix has addressed bugs in Citrix ADC and Citrix Gateway. A remote intruder could exploit either of these flaws to obtain control of a susceptible system. To successfully exploit the vulnerability …
Google addressed several flaws with Chrome 107
Vulnerability Report. Summary: Google Chrome addresses multiple vulnerabilities in its latest stable channel update for Windows, Mac, and Linux. Use-after-free (UAF) issues account for four of the six Chrome vulnerabilities. This is a …
Earth Longzhi: New subgroup of APT41
Actor Report. Summary: Earth Longzhi is running a spearphishing campaign to infect organizations with a payload such as Cobalt Strike loader, Symatic loader, CroxLoader, BigpipeLoader, OutLoader, and other custom hacking tools. …
Apple addresses the macOS code execution flaws
Vulnerability Report. Summary: macOS Ventura contains two security flaws that can be exploited to cause an integer overflow and execute arbitrary code. The CVE-2022-40303 vulnerability exists as a result of an integer overflow in …
Authentication Bypass Vulnerabilities in VMware Workspace ONE Assist
Vulnerability Report. Summary: Several security vulnerabilities exist in VMware’s Workspace ONE Assist solution, some of which can be exploited to bypass authentication and gain admin-level access. A vulnerability in VMware Workspace ONE Assist, CVE-2022-31685, …
Microsoft addressed ProxyNotShell with November Patch Tuesday
Vulnerability Report. Summary: Microsoft addressed six zero-day vulnerabilities in this Patch Tuesday, along with other significant vulnerabilities that could lead to Remote Code Execution, Information Disclosure, and Denial of Service. The actively exploited CVE-2022-41128 …
New Azov Ransomware can wipe 666 bytes of data at a stretch
Attack Report. Summary: The new Azov Ransomware can wipe 666 bytes of data at a time. The Azov wiper destroys victims’ data on purpose and infects other applications by dropping fake pirated software. …
Ransomware Black Basta uses tools related to FIN7
Attack Report. Summary: Black Basta is deploying a ransomware payload by exploiting Microsoft flaws and using an Endpoint Detection and Response (EDR) defense evasion tool created by FIN7. Black Basta is a relatively new ransomware …
Indian Government targeted by APT-36
Actor Report. Summary: APT 36, also known as Transparent Tribe, is an information theft and espionage gang that was last active in mid-July 2022. Recently, invasive advertising and the data exfiltration tool LimePad were …