Category: Reports

Threat Intel Roundup: Winrar, Discord, USDC Holdings

Week in Overview (14 Aug - 21 Aug)

Technical Summary

WinRAR CVE-2023-40477 RCE: CVE-2023-40477 is a Remote Code Execution (RCE) vulnerability in WinRAR, a popular Windows file archiver utility. This high-severity flaw is attributed to inadequate validation of user-supplied data in the processing of recovery volumes. Attackers exploit this vulnerability by crafting specially designed RAR archive files. When

Threat Intel Roundup: Exchange, LOCKBIT, TA558, GhostRAT

Technical Summary

Vulnerabilities in CODESYS V3 SDK Could Lead to OT Environments Being Exploited Using RCE & DoS Attacks: Multiple high-severity vulnerabilities have been identified within the CODESYS V3 software development kit (SDK), used to program programmable logic controllers (PLCs). These vulnerabilities affect versions prior to 3.5.19.0. Exploitation could result in remote code execution (RCE)

Threat Intel Roundup: Mikrotik, ICS, Mirai, IcedID

Week in Overview (24 July - 30 July)

Technical Summary

$2.54M Worth of WBTC Lost: A recent cryptocurrency scam resulted in the loss of approximately $2.54 million worth of Wrapped Bitcoin (WBTC). Further details about the scam, including the method used to deceive victims and the address of the transaction, have not been provided.

RCE Exploit Attempt Targeting ZTEUSA

Threat Intel Roundup: OpenSSH, Pwc, CloudPanel 0day, Citrix

Week in Overview (17 July - 24 July)

Technical Summary

XWorm Spreading Through WebDAV Server: This report highlights the XWorm malware, a sophisticated threat spreading via a WebDAV server hosted at @TheDriveHQ. The malware chains LNK files, PowerShell, WebDAV, ZIP archives, and batch files for execution. It targets clipboard data and uses post-exploitation techniques for maximum impact.

Security Advisory: Ursnif Intrusion
