Unknown threat groups continue to exploit Log4j in VMware products
Attack Report. Summary: An unknown APT group is exploiting the Log4j vulnerability affecting VMware Horizon and Unified Access Gateway (UAG) servers to compromise the system and take over the entire network by deploying …
APT28 exploits Follina to deploy CredoMap
Actor Report. Summary: Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux …
Google addresses new vulnerabilities in Chrome
Vulnerability Report. Summary: Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux …
ToddyCat exploits unknown vulnerability in Microsoft Exchange servers to target entities in Europe and Asia
Actor Report. Summary: ToddyCat, an APT group, is deploying web shells by exploiting an unknown vulnerability in Microsoft Exchange servers. They are initiating a multi-stage infection that aims at governmental bodies in Europe and …
DriftingCloud exploits zero-day in Sophos firewall
Attack Report. Summary: The Chinese APT actor DriftingCloud exploits the RCE vulnerability in Sophos firewall to take over the entire network …
New vulnerability allows attackers to take over entire WordPress website
Vulnerability Report. Summary: An unauthenticated attacker can call multiple methods in the Ninja Forms class to inject objects and eventually perform remote code execution (RCE). …
Vulnerability in Zimbra allows theft of clear-text credentials from users
Vulnerability Report. Summary: A new vulnerability in Zimbra allows an attacker to steal cleartext credentials from instances via Memcache injection. Over 200,000 users logged in can be impacted by the security flaw. …
Iranian APT targets Middle East’s Energy & Telecommunications industry
Attack Report. Summary: A new campaign has been launched by a state-sponsored Iranian APT group, Lyceum, to target organizations from the Middle East in the energy and telecommunication sectors. They have been observed deploying a …
Deserialization of untrusted data by Fastjson library leads to RCE
Vulnerability Report. Summary: Applications using the Fastjson Java library are impacted by a remote code execution vulnerability. …
GALLIUM targets Telecommunications sector using new PingPull tool
Actor Report. Summary: A new, difficult-to-detect remote access trojan known as PingPull has been discovered and is used by GALLIUM (also known as Softcell), an APT group. They have expanded by targeting telecommunications, finance and …