Microsoft patches a vulnerability that was used in MysterySnail RAT Campaign
Hive Pro
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access trojan …
Iranian APT is targeting Middle Eastern Aerospace and Telecommunications companies
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. ShellClient is a powerful new Remote Access Trojan (RAT) that was used in highly targeted attacks on a select few Aerospace and Telecommunications firms, primarily in the Middle East, with other victims in the …
Multiple vulnerabilities have been discovered in the Apache HTTP Server
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. There is a zero-day vulnerability (CVE-2021-41773) and a DoS vulnerability (CVE-2021-41524) in Apache HTTP servers. After a publicly disclosed exploit, the zero-day vulnerability has been actively exploited in the wild. The Hive Pro Threat …
Another day, another zero-day for Google Chrome
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Google has published an emergency fix (94.0.4606.71) to address the latest zero-day vulnerabilities (CVE 2021 37975, CVE 2021 37976). These are the fourth and fifth zero days of the month. These flaws have been …
Chrome’s eleventh zero-day vulnerability for the year 2021 has been patched
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A vulnerability in Chrome and Microsoft edge(Chromium based) exists as a result of a use-after-free issue when processing HTML data in Google Chrome’s Portals component. A remote attacker can create a specially designed site, …
Are you a victim of the Conti Ransomware?
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Conti Ransomware targets enterprises who have not patched their systems by exploiting old vulnerabilities. Conti Ransomware steals sensitive information from businesses and demands a ransom in exchange. CISA has issued a warning about the …
ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies, US-cleared defense contractors, …
Threat actors are actively exploiting OMIGOD vulnerabilities impacting Microsoft Azure
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Azure VMs using Linux management solutions with Azure Automation, Azure Automatic Update, Azure Operations Management Suite (OMS), Azure Log Analytics, Azure Configuration Management, or Azure Diagnostics are affected by OMIGOD. Attackers can remotely exploit …
Google patches chrome zero-day vulnerabilities being exploited in the wild
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Google just released a major security update for Google Chrome that addresses eleven vulnerabilities, including two zero-day flaws that have been exploited in the wild. A remote attacker might take use of the flaws …