Report

Threat Intel Roundup: SharePoint, WS_FTP, Exim, Gotham Stealer

Week in Overview (26 Sep-3 Oct)
Technical Summary
5. Threat Actors Utilizing Malicious PowerShell-Backed Steganography
6. DIAN Phishing Campaign Targeting Taxpayers
7. Using Silent SMS to Localize LTE Users – Proof of Concept Implementation
8. Critical Vulnerabilities in WS_FTP Server Exploited by Attackers (CVE-2023-40044 and CVE-2023-42657)
9. CVE-2023-29357 and CVE-2023-24955 Exploit Chain for Microsoft SharePoint Server

Threat Intel Roundup: DeadGlypH, T-Mobile, Juniper SRX, JetBrains TeamCity

Week in Overview (19 Sep-26 Sep)
Technical Summary
1. Malware Distribution from zzlsteel[.]cc and Associated C2 Domains
2. “Passport and KYC Documents[.]zip” Malware
3. Stealth Falcon Preying on Middle Eastern Skies with DeadGlypH
4. T-Mobile Employee PII Breach and Sony Data Breach
5. CVE-2023-41892 Craft CMS Remote Code Execution Vulnerability
6. From ScreenConnect to Hive Ransomware

Threat Intel Roundup: CoinEx, Azure Dataleak, Kafka, Lumma

Week in Overview (14 Sep-19 Sep)
Technical Summary
Silent Skimmer Campaign
CVE-2023-34040 – Spring Kafka Deserialization RCE Vulnerability
North Korean Lazarus Group’s Involvement in Cryptocurrency Hacks
Microsoft AI Data Exposure of 38 Terabytes
Exploitation of “search-ms” URI Protocol Handler Distributing XWorm Malware
Lumma Stealer Malware Variant (14.09) Detection and Mitigation
Key Findings
it is crucial for

Threat Intel Roundup: Lazarus, Lumma, Superset, RocketMQ

Week in Overview (5 Sep-12 Sep)
Technical Summary
Key Findings
It is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated with various vulnerabilities and threats:
🚨 Vulnerability of the Week
Apache Superset CVE-2023-39476
