Daily vulnerabilities and threat alerts!
Tuesday, 29 October 2024
Latest Attack Reports
Malicious CAPTCHA delivers Lumma and Amadey Trojans
An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting…
Docker Gatling Gun Campaign
Recent research has uncovered a new malicious campaign orchestrated by the notorious hacking group TeamTNT. This campaign exploits exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, utilizing compromised servers and Docker Hub as infrastructure for spreading their mali…
Evasive Panda scouting cloud services
CloudScout is a post-compromise toolset used by Evasive Panda to target a Taiwanese government entity and religious organization between 2022 and 2023. The toolset can retrieve data from various cloud services using stolen web session cookies. It works with MgBot, Evasive Panda's malware framework,…
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
A Russian hybrid espionage and influence operation, dubbed UNC5812, targets potential Ukrainian military recruits through a Telegram persona called 'Civil Defense'. The campaign delivers Windows and Android malware, including SUNSPINNER, PURESTEALER, and CRAXSRAT, while simultaneously spreading ant…
Chinese Hackers Toolkit Uncovered And Activity History Uncovered
A Chinese hacking group called 'You Dun' was discovered through an exposed open directory, revealing their comprehensive attack infrastructure. The group utilized sophisticated reconnaissance tools and exploited Zhiyuan OA software via SQL injection attacks, targeting South Korean pharmaceutical or…
Inside the Open Directory of the “You Dun” Threat Group
An open directory exposed a Chinese-speaking threat actor's toolkit and operational history. The actor conducted extensive scanning and exploitation targeting organizations in South Korea, China, Thailand, Taiwan, and Iran using tools like WebLogicScan, Vulmap, and Xray. The Viper C2 framework and …
Unauthorized RDP Connections For Cyberespionage Operations
Cyble Research and Intelligence Labs uncovered an ongoing cyberattack campaign utilizing malicious LNK files to gain unauthorized Remote Desktop access on compromised systems. The sophisticated multi-stage attack chain employs PowerShell and BAT scripts to evade detection, create administrative acc…
Malicious RDP Files Identified in Latest Attack on Ukrainian Entities
CERT-UA has uncovered a new malicious email campaign targeting Ukrainian government agencies, enterprises, and military entities. The campaign uses RDP configuration files to establish remote connections, enabling data theft and further malware deployment. Attributed to UAC-0215 and linked to APT29…
Uncovering the Lounge Pass Scam Campaign: Targeted Android SMS Stealer Preying on Air Travellers
A sophisticated scam targeting air travelers in Indian airports has been uncovered, involving a malicious Android app called 'Lounge Pass'. The app, distributed through fake domains, intercepts and forwards SMS messages from victims' devices to cybercriminals, resulting in significant financial los…
The Good, the Bad and the Ugly in Cybersecurity - Week 43
CISA proposes new security measures to protect sensitive data from adversary nations, following President Biden's Executive Order. A free file recovery tool for early Mallox ransomware victims is released. A novel macOS ransomware, macOS.NotLockBit, is discovered abusing AWS S3 for data exfiltratio…