Threat Advisories
Threat Advisories
APT28’s Tactical Exploitation of Critical Vulnerabilities
Summary: The APT28 adversary, originating from Russia, has garnered notoriety through sophisticated phishing activities. By exploiting patched vulnerabilities …
New Linux Krasue RAT Targeting Telecom Companies in Thailand
Summary: Krasue, a new Linux Remote Access Trojan, targets Thai organizations, primarily in telecommunications, using embedded rootkits and …
Star Blizzard Continues to Refine Their Tradecraft for Evasion and Stealth
Summary: The Russia-based threat actor, Star Blizzard, continues to utilize spear-phishing attacks successfully, targeting organizations and individuals across …
Atlassian Addresses Critical RCE Flaws
Summary: Four critical vulnerabilities, namely CVE-2023-22522, CVE-2023-22523, CVE-2023-22524, and CVE-2022-1471, have been identified impacting the Confluence, Jira, and …
A New Face of AsyncRAT Utilizes WSF Scripts to Spread
Summary: AsyncRAT is a remote access trojan (RAT) malware known for stealing credentials and executing various malicious activities …
DanaBot Stealer: Multistage MaaS Malware Resurfaces
Summary: DanaBot is a covert malware designed for the discreet theft of sensitive data for financial gain. Unlike …
From Brute-Force to BlueSky Ransomware
Summary: A focused campaign directed at publicly accessible MSSQL servers unfolded, entailing malicious actors’ utilization of Cobalt Strike …
Adobe ColdFusion Vulnerability Leads to Federal Agency Breach
Summary: Unidentified threat actors exploit Adobe ColdFusion vulnerability (CVE-2023-26360) on government servers, leading to potential unauthorized code execution. …
AeroBlade Swoops Down on U.S. Aerospace Giants
Summary: A US-based aerospace entity has become a victim of an intricate year-long cyber espionage campaign orchestrated by …
Novel Tool Set Targeting Entities in the Middle East, Africa, and U.S.
Summary: An undisclosed threat actor has targeted organizations in the Middle East, Africa, and the U.S., deploying a …
