Report

Threat Intel Roundup: Gitlab, Juniper, MageCart, SystemBC

Week in Overview (5 Dec-12 Dec) – 2024

Technical Summary

🚨 Vulnerability of the Week

Juniper Networks has addressed a critical pre-authentication remote code execution (RCE) vulnerability, identified as CVE-2024-21591, in Junos OS on SRX firewalls and EX switches. This vulnerability could allow an unauthenticated, network-based threat actor to execute a range of attacks, including denial-of-service


Threat Intel Roundup: CrushFTP, CS2, Lazarus, Trigona

Week in Overview (5 Dec-12 Dec)

Technical Summary

1. Trigona Ransomware
2. CrushFTP Vulnerability (CVE-2023-43177)
3. Lazarus Group’s Use of Log4j Vulnerability
4. X Malvertising Campaign Involving Fake Wallet App
5. Critical Security Exploit in CS2 Linked to Steam Names
6. Thirdweb’s Contracts Update and Subsequent Exploits
7. Sandman APT: China-Based Adversaries Embrace Lua
8. Gh0st


Threat Intel Roundup: WebKit, Akira, Kimsuky

Week in Overview (28 Nov-5 Dec)

Technical Summary

1. WebKit Vulnerabilities CVE-2023-42916 and CVE-2023-42917
2. APT Patchwork Cyber Attack Campaign
3. D-Link D-View Coreservice_Action_Script RCE Vulnerability (CVE-2023-44414)
4. OwnCloud CVE-2023-49103
5. KQL Queries for Tracking CISA Known Exploited Vulnerabilities
6. Report on “State of Cloud Security” by Datadog
7. “Your #Booking Admin Account #violates our partnership terms”


Threat Intel Roundup: ownCloud, APT-Q-36, AlfaC2, ActionRunner

Technical Summary

1. Vulnerability Report: CVE-2023-49103 in ownCloud
2. Advanced Persistent Threat (APT) Report: The Mahagrass Organization (APT-Q-36) and Spyder Downloader
3. Report on Abusing .NET Core CLR Diagnostic Features and CVE-2023-33127
4. Report on Malicious One File Evading Antivirus Solutions
5. Report on WebDAV Server and XWorm V5.2 Malware Campaign
6. Analysis of “AlfaC2”
