Author: admin

Threat Intel Roundup: Outlook, SmartScreen, Lockbit

Week in Overview (13 Feb-20 Feb) – 2024. Technical Summary: 4. Security Advisory Summary Report for CVE-2024-21412; 5. CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC. 🚨 Vulnerability of the Week: The vulnerability, termed the #MonikerLink bug, is assigned CVE-2024-21413 with a CVSS score of 9.8. It allows

Threat Intel Roundup: FortiOS, Super Bowl, Chrome, APT15

Week in Overview (6 Feb-13 Feb) – 2024. Technical Summary: Chinese APT Groups Exploiting SOHO Facilities for Cyberespionage. Chinese Advanced Persistent Threat (APT) groups, particularly APT15 (Vixen Panda, Ke3chang) and APT31 (Zirconium, Judgment Panda), have been identified as exploiting Small Office/Home Office (SOHO) facilities for cyberespionage operations, primarily targeting government and political institutions. These

Threat Intel Roundup: Anydesk, FortiSIEM, Ivanti, Mastodon

Week in Overview (30 Jan-6 Feb) – 2024. Technical Summary. 🚨 Vulnerability of the Week: FortiSIEM CVE-2024-23109. Fortinet FortiSIEM, versions 6.4.0 through 7.1.1, has been found vulnerable to an “improper neutralization of special elements used in an OS command” (OS command injection) flaw. This vulnerability allows attackers to execute unauthorized code or commands through crafted API

Threat Intel Roundup: Jenkins, ScarCruft, Midnight Blizzard

Week in Overview (23 Jan-30 Jan) – 2024. Technical Summary: 1. ScarCruft Campaign Targeting Cybersecurity Professionals; 2. Proxying Windows Tools Through SOCKS for Offensive Use; 3. AllaKore RAT Targeting Mexican Banks and Crypto Platforms; 4. CVE-2023-41474: Ivanti Avalanche Directory Traversal Flaw; 5. Microsoft’s Response to the Midnight Blizzard (Nobelium) Nation-State Attack; 6. CVE-2024-0204 RCE Exploit in
