Vice Society actors target K-12 institutions in US
Actor Report. Summary: Vice Society is an extortion hacking group that emerged in the summer of 2021. Vice Society does not use a specific ransomware variant. Instead, it has used variants of Hello Kitty, …
Novel remote access trojan CodeRAT uncovered
Attack Report. Summary: CodeRAT is a remote access trojan (RAT). The malicious operation, which appears to have originated in Iran, employed a Word document with a Microsoft Dynamic Data Exchange (DDE) exploit to target …
Google Chrome browser suffers from another zero-day vulnerability
Vulnerability Report. Summary: There is a vulnerability in the Chrome browser, identified as CVE-2022-3075, that is actively exploited in the wild. …
Chile government’s Windows and Linux servers hit by RedAlert ransomware
Attack Report. Summary: The Chilean Ministry of Interior asserted that an attack by the RedAlert ransomware (aka N13V) had disrupted the operations and online services of a government agency in the country. In classic double-extortion manner, the …
Multiple vulnerabilities addressed by Google with Chrome 105
Vulnerability Report. Summary: Google Chrome addresses multiple vulnerabilities in its latest stable channel update for Windows, Mac, and Linux. …
APT40 deployed ScanBox malware to target the Australian government
Actor Report. Summary: APT40 is a Chinese cyber espionage group that uses phishing campaigns to target Australian government institutions and wind turbine operators in the South China Sea by directing selected individuals to a …
Moisha Ransomware spotted launching highly targeted attacks
Attack Report. Summary: Moisha, a .NET-based ransomware, was first mentioned in mid-August, along with the PT_MOISHA team, the threat actor behind it. This ransomware was developed to carry out very targeted attacks, as …
RCE flaw resides in the Atlassian Bitbucket Server and Data Center
Vulnerability Report. Summary: Atlassian has patched a significant security hole in Bitbucket Server and Data Center, which could allow attackers to execute arbitrary code on susceptible systems. The vulnerability is identified as CVE-2022-36804 …
MuddyWater targets Israeli organizations by exploiting unpatched Log4j vulnerabilities
Attack Report. Summary: MuddyWater, an Iranian threat actor, exploits two Log4j vulnerabilities in SysAid applications to target Israeli organizations. As soon as the attacker gains access to the targeted organization, it establishes persistence, dumps …
Kimsuky targets South Korean entities with phishing campaign
Actor Report. Summary: As of 2010, Kimsuky has targeted the governments, think tanks, media, and education entities of the United States and South Korea. Early in 2022, a new attack cluster, GoldDragon, was observed …