Week in Overview(24July-30 July) Technical Summary $2.54M Worth of WBTC Lost: A recent cryptocurrency scam resulted in the loss of approximately $2.54 million worth of Wrapped Bitcoin (WBTC). Further details about the scam, including the method used to deceive victims and the address of the transaction, have not been provided. RCE Exploit Attempt Targeting ZTEUSA
More
Week in Overview(17July-24 July) Technical Summary XWorm Spreading Through WebDav Server:This report highlights the XWorm malware, a sophisticated threat spreading via a WebDav server hosted at @TheDriveHQ. The malware uses LNK files, PowerShell, WebDav, ZIP archives, and batch files for execution. It targets clipboard data and post-exploitation techniques for maximum impact. Security Advisory: Ursnif Intrusion
More
Threat Intel Roundup: Office, Zimbra, GhostSec, DLL Sideloading Technical Summary PHP-CGI Exploit Attempts: Phishing Sites Impersonating ARKHAM: Key Findings it is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated with various vulnerabilities
More
Threat Intel Roundup: RocketMQ, APT-C-36, FortiGate Data Breach at Federal Board of Intermediate and Secondary Education, 800 Gbps DDoS Attack, VulnCheck Identifies Remote Command Injection in Contec SolarView Technical Summary RocketMQ Remote Command Execution: RocketMQ versions 5.1.0 and below are vulnerable to remote command execution due to certain conditions. This vulnerability affects multiple components, including
More