Threat Intel Roundup: ownCloud, APT-Q-36, AlfaC2, ActionRunner

Technical Summary
1. Vulnerability Report: CVE-2023-49103 in ownCloud
2. Advanced Persistent Threat (APT) Report: The Mahagrass Organization (APT-Q-36) and Spyder Downloader
3. Report on Abusing .NET Core CLR Diagnostic Features and CVE-2023-33127
4. Report on Malicious One File Evading Antivirus Solutions
5. Report on WebDAV Server and XWorm V5.2 Malware Campaign
6. Analysis of "AlfaC2"

Threat Intel Roundup: Splunk, D0nut, DarkGate, SentinelAgent

Technical Summary
1. "Unveiling LummaC2 Stealer's Novel Anti-Sandbox Technique: Leveraging Trigonometry for Human Behavior Detection"
2. "Hacking the Canon imageCLASS MF742Cdw/MF743Cdw"
3. "Report on Open Directory and Malicious Activities at 179.60.147[.]176"
4. "D0nut Ransomware Analysis" by NCC Group
5. "Report on TA544's Recent Campaign Utilizing Remcos Malware"
6. "Report on SentinelOne's Process Dumping Capability and

Threat Intel Roundup: OpenVPN, eBPF, AsyncRAT, OpenSea

Week in Overview (7 Nov-14 Nov)
Technical Summary
1. Kernel Exploit and Rootkit Detection Using eBPF
2. Email Phishing Campaigns Targeting OpenSea Users and Developers
3. Chrome Use-After-Free Vulnerability in WebAudio (CVE-2023-5996). Resolution: ignoring channel count updates after the audio context is closed, to prevent exploitation.
4. Malware Distribution via GitHub: Threat Actors Spreading AsyncRAT
5.

Threat Intel Roundup: VCenter, fsutil, AsyncRAT, Linkedin

Week in Overview (31 Oct-7 Nov)
Technical Summary
AsyncRAT Malware Campaign Analysis:
Threat: Sophisticated AsyncRAT malware.
Method: Distributed via a malicious HTML file that employs a range of file types to bypass AV detection.
Capabilities: Includes keylogging, data theft, and process injection into legitimate system processes for stealth.
VMware vCenter Server Vulnerabilities (CVE-2023-34048 and CVE-2023-34056):
Threat: Critical vulnerabilities, including an