Report

Threat Intel Roundup: VMWare Aria, qBit, VBS, Redline

Week in Overview (17 Oct-24 Oct). Technical Summary: Recent cybersecurity analyses have unearthed a variety of threats and vulnerabilities across different platforms and applications. Among them, the RedLine Stealer emerges as a potent threat, exemplifying the need for robust cybersecurity measures. A notable vulnerability, CVE-2023-36745, in Microsoft Exchange Server further accentuates the critical necessity for timely


Threat Intel Roundup: IIS, BLOODALCHEMY, Wordpad, CISCO

Week in Overview (10 Oct-17 Oct). Technical Summary: 5. DarkGate Activity on IP 149.248.0.82. 🚨 Vulnerability of the Week: IIS CVE-2023-36434. A significant security vulnerability, tracked as CVE-2023-36434, was disclosed on October 10, 2023, impacting Microsoft’s Windows IIS Server. The vulnerability is categorized under “Elevation of Privilege,” posing potential threats to systems running vulnerable versions. The


Threat Intel Roundup: Confluence, ThreatSec, Cobalt

Week in Overview (3 Oct-10 Oct). Technical Summary: Zero-Day Privilege Escalation in Confluence Server and Data Center (CVE-2023-22515). This zero-day vulnerability affects on-premises instances of Confluence Server and Confluence Data Center. Originally identified as a privilege escalation flaw, it was later classified as a broken access control issue. Attackers can exploit this vulnerability to create


Threat Intel Roundup: SharePoint, WS_FTP, Exim, Gotham Stealer

Week in Overview (26 Sep-3 Oct). Technical Summary: 5. Threat Actors Utilizing Malicious PowerShell-Backed Steganography; 6. DIAN Phishing Campaign Targeting Taxpayers; 7. Using Silent SMS to Localize LTE Users – Proof of Concept Implementation; 8. Critical Vulnerabilities in WS_FTP Server Exploited by Attackers (CVE-2023-40044 and CVE-2023-42657); 9. CVE-2023-29357 and CVE-2023-24955 Exploit Chain for Microsoft SharePoint Server
