Cisco IOS XR Flaws Enable Privilege Elevation and DoS Attacks
Summary: Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, posing risks of denial-of-service (DoS) attacks and elevation of privilege. These vulnerabilities are tracked as CVE-2024-20320, CVE-2024-20318, and CVE-2024-20327. Threat Level – Amber | Vulnerability Report For a detailed threat advisory, download the …
Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites
Summary: A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in the WP Statistics plugin allows attackers to inject malicious code via the URL parameter. With over 600,000 installations, the flaw poses severe risks, enabling unauthorized script execution and potential data theft or site compromise. Update promptly to …
Magnet Goblin Strikes Public-Facing Servers
Summary: Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family, which also includes NerbianRAT and MiniNerbian. Threat Level – Red | Actor Report For a detailed threat advisory, download the pdf …
TimbreStealer Focuses On Mexico With Social Engineering
Summary: Since at least November 2023, there has been a persistent phishing spam campaign targeting potential victims in Mexico. The campaign entices users to download TimbreStealer, a new information stealer that has been disguised. This campaign uses financial-themed phishing emails to lure consumers into running …
Fortinet Releases Patches for Critical Vulnerabilities in Various Products
Summary: A critical SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS software enables attackers to execute unauthorized code or commands via specially crafted HTTP requests. Additionally, two other critical bugs in FortiOS and FortiProxy have been addressed. Update promptly to patched versions to prevent potential exploitation. Threat …
Malware Concealed Within PDFs for Data Theft
Summary: In a recently observed campaign, an infostealer masquerading as the Adobe Reader installer was being distributed. The file is being distributed by the threat actor in PDF format, luring people to download and execute it, collecting sensitive information. Threat Level – Amber | Attack Report For …
VCURMS and STRRAT Trojans Using AWS and GitHub as Launchpads
Summary: A sophisticated phishing campaign is targeting personnel, enticing them to click on a seemingly innocuous button to authenticate payment details. However, this action initiates the download of a harmful JAR file from Amazon Web Services (AWS) onto the victim’s device. This malicious file serves …
Microsoft’s March 2024 Patch Tuesday Addresses 60 Vulnerabilities
Summary: Microsoft’s March 2024 Patch Tuesday addresses 60 vulnerabilities, including two critical vulnerabilities, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows Hyper-V (CVE-2024-21407 and CVE-2024-21408) require immediate attention to mitigate potential risks. Threat Level – Red | Vulnerability Report …
Cisco Secure Client Flaw Enables Attackers To Steal VPN Sessions
Summary: A high-severity vulnerability tracked as CVE-2024-20337 has been addressed by Cisco. It affects the Secure Client software and could allow a threat actor to start a VPN session with the targeted user. Threat Level – Red | Vulnerability Report For a detailed threat advisory, download the pdf …
Evasive Panda China-Linked Cyberespionage Targeting Tibetans
Summary: Evasive Panda, a threat actor associated with China, has masterminded an intricate cyberespionage campaign targeting Tibetan users since at least September 2023. This operation employs both watering hole and supply chain attacks to achieve its objectives. Threat Level – Red | Attack Report For a detailed …