Category: Advisory

Threat Intel Roundup: DeadGlypH, T-Mobile, Juniper SRX, JetBrains TeamCity

Week in Overview (19 Sep-26 Sep)

Technical Summary
1. Malware Distribution from zzlsteel[.]cc and Associated C2 Domains
2. “Passport and KYC Documents[.]zip” Malware
3. Stealth Falcon Preying on Middle Eastern Skies with DeadGlypH
4. T-Mobile Employee PII Breach and Sony Data Breach
5. CVE-2023-41892 Craft CMS Remote Code Execution Vulnerability
6. From ScreenConnect to Hive Ransomware

Threat Intel Roundup: CoinEx, Azure Dataleak, Kafka, Lumma

Week in Overview (14 Sep-19 Sep)

Technical Summary Silent Skimmer Campaign CVE-2023-34040 – Spring Kafka Deserialization RCE Vulnerability North Korean Lazarus Group’s Involvement in Cryptocurrency Hacks Microsoft AI Data Exposure of 38 Terabytes Exploitation of “search-ms” URI Protocol Handler Distributing XWorm Malware Lumma Stealer Malware Variant (14.09) Detection and Mitigation Key Findings it is crucial for

CVE-2023-23397: New Outlook Vulnerability Can Steal Your NTLM Hash with Zero Click

Executive Summary

Microsoft recently released patches for approximately 80 newly discovered security vulnerabilities on March 14, 2023. Among these vulnerabilities are two zero-day vulnerabilities, CVE-2023-23397 and CVE-2023-24880. The severity of these two exploits was rated using the Common Vulnerability Scoring System (CVSS), with scores of 9.8 and 5.1, respectively. In addition to the
