Threat Overview AlienVault has recently published a threat report highlighting the activities of several Chrome extensions that have been compromised. The affected extensions are linked to multiple suspicious domains resolving to the same IP address as
Month: December 2024
Andariel (SmallTiger) – ASEC
As a global cybersecurity community, it is essential to stay informed about emerging threats and cyber attacks. This article will provide an overview of the Andariel group and their recent activities in attacking Korean solution providers.
Cloud Atlas: Using a New Backdoor, VBCloud, to Steal Data
According to a recent threat report published by CyberHunter_NL, the cyber-thieves group Cloud Atlas has been identified as using a new tool called VBCloud. This backdoor is targeted at victims in Eastern Europe and Central Asia
Modiloader: Sophisticated Malware Delivery Chain from Obfuscated Batch File
An investigation of a file named 'Albertsons_payment.GZ' revealed a sophisticated malware delivery chain. The file, initially disguised as an image, was actually a Windows Cabinet file containing an obfuscated batch script. This script employed string slicing
BeyondTrust Remote Support SaaS Service Security Investigation: A Critical Analysis of Cybersecurity Threats and Recommendations for Improved Posture
As a result of an ongoing investigation, a medium-severity vulnerability (BT24-11) was identified within our Remote Support and Privileged Remote Access products (both self-hosted and cloud). This finding highlights the importance of prioritizing cybersecurity and regular updates
Hackers Exploit Microsoft Management Console to Drop Backdoor Payloads on Windows
Threat Report: Hackers Use Microsoft Management Console to Deliver Malicious Payloads. As outlined in a recent threat report, hackers have been exploiting the Microsoft Management Console (MMC) to deliver backdoor payloads on Windows systems. This sophisticated
Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164) – SANS Internet Storm Center
Threat Overview Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164) - SANS Internet Storm Center A recent threat report published by CyberHunter_NL on 2024-12-16T15:05:11.149Z highlights the exploitation of a vulnerability in Apache Struts2
Exploited: Critical Vulnerabilities in Cleo File Transfer Software Widespread Exploitation
Threat Overview A recent threat report published by AlienVault highlights critical vulnerabilities in Cleo file transfer products, including VLTrader, Harmony, and LexiCom. These vulnerabilities are being actively exploited by attackers, who are dropping modular Java backdoors
A new infostealer called VIPKeyLogger has been observed
Threat Overview A new infostealer called VIPKeyLogger has been observed with increased activity. It shares similarities with Snake Keylogger and is distributed through phishing campaigns. The malware is delivered as an archive or Microsoft 365 file