Two zero-day vulnerabilities in macOS when chained can take over the entire system
Hive Pro Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Two zero-day vulnerabilities have been discovered in Apple macOS. Both could allow an attacker to execute arbitrary code. These new issues bring the total number of zero-day vulnerabilities discovered in the Apple …
Chrome’s zero-day flaw allows arbitrary code execution
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A vulnerability(CVE-2022-2856) in Google Chrome, has been exploited in the wild. Additionally, Chrome has addressed several other use-after-free vulnerabilities in multiple components, including FedCM, SwiftShader, ANGLE, and Blink. …
Unknown Attackers exploit several vulnerabilities in Zimbra Collaboration Suite
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The Zimbra Collaboration Suite (ZCS) email servers experienced multiple breaches between July and early August 2022. The exploitation of CVE-2022-27925, a remote-code-execution (RCE) vulnerability in ZCS, was most likely the cause of …
APT-C-35 infection chain adds novel Windows framework modules
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary APT-C-35 is an advanced persistent threat actor that has been active since 2016. The gang has upgraded its Windows spyware architecture, dubbed YTY, Jaca. They target South Asian government and military institutions, …
Vulnerabilities & Threats that Matter 08 – 14th Aug
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 563 14 3 69 08 71 For a detailed threat digest, download the pdf file here Summary The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of which 14 …
BlueSky ransomware incorporates Multithreading to expedite encryption
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary BlueSky ransomware is actively targeting businesses and demanding a ransom. It appears that they have ties with the Conti ransomware group. The malware is now primarily targeting Windows hosts and uses multithreading …
Zeppelin ransomware target organization in Europe and USA
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Zeppelin, the newest member of the Delphi-based Vega ransomware family, has been quite clever in meticulously tailoring these ransomware operations. Zeppelin, first identified in 2019 as ransomware-as-a-service (RaaS) , has been predominantly …
Who is behind the Cisco attack?
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Cisco has revealed that they have faced a breach carried out by threat actors, the UNC2447, the Lapsus$, and the Yanluowang ransomware gang. They stole around 2.8 GB of data, which included …
Zero-day vulnerability leveraged to deploy Cuba Ransomware
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The threat actors behind the Cuba ransomware have stepped up their game by using a new Remote Access Trojan called ROMCOM and weaponizing a local privilege escalation vulnerability(CVE-2022-24521). A wide range of …
Microsoft tackles DogWalk zero-day vulnerability and multiple privilege escalation vulnerabilities
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Microsoft Patch Tuesday addresses CVE-2022-34713, also known as DogWalk, as well as numerous issues affecting Microsoft Exchange Server, Microsoft Windows Support Diagnostic Tool (MSDT), Windows Print Spooler Components, and Windows Secure Boot, …