Lucene search
K

60 matches found

The Hacker News
The Hacker News
added 2024/10/17 10:15 a.m.62 views

SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

An advanced persistent threat APT actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as...

9.3CVSS8.8AI score0.99945EPSS
Exploits33
hivepro
hivepro
added 2023/12/28 2:23 p.m.49 views

Cloud Atlas Exploits Six-Year-Old Flaw to Target Russian Companies

Summary: The threat actor Cloud Atlas has been identified in spear-phishing attacks targeting Russian enterprises. The modus operandi involves a phishing message in the initial stage, containing a lure document that exploits CVE-2017-11882, a memory corruption vulnerability in Microsoft Offices...

9.3CVSS7.7AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2023/12/25 7:47 a.m.87 views

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after...

9.3CVSS7.7AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2023/12/21 7:22 a.m.77 views

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the...

9.3CVSS8.3AI score0.99945EPSS
Exploits41
The Hacker News
The Hacker News
added 2023/09/06 1:50 p.m.57 views

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. "APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain...

9.3CVSS7.7AI score0.99945EPSS
Exploits36
Qualys Blog
Qualys Blog
added 2023/09/04 2:0 p.m.135 views

Qualys Top 20 Most Exploited Vulnerabilities

The earlier blog posts showcased an overview of the vulnerability threat landscape that is either remotely exploited or most targeted by attackers. A quick recap – We focused on high-risk vulnerabilities that can be remotely exploited with or without authentication, and with the view on the time ...

10CVSS10.8AI score0.99999EPSS
Exploits1002
Securelist
Securelist
added 2022/08/08 8:0 a.m.875 views

Targeted attack on industrial enterprises and public institutions

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several countries. In the course of our research, we were able to identify over a dozen of attacked organizations. The attack targeted industrial...

9.3CVSS8.7AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2022/05/23 12:7 p.m.312 views

Snake Keylogger Spreads Through Malicious PDFs

While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old Office bug to propagate the Snake Keylogger malware, researchers have found. The campaign—discovered by researchers at HP Wolf...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References4
hivepro
hivepro
added 2022/03/18 8:27 a.m.243 views

Russian threat actor UAC-0056 targets European countries

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Governmental Computer Emergency Response Team of Ukraine CERT-UA has released an alert about a Russian threat actor UAC-0056 SaintBear, UNC2589, TA471 delivering malwares using email attachments. UNC2589 is a cyber...

9.3CVSS8.4AI score0.99945EPSS
Exploits33
Malwarebytes
Malwarebytes
added 2022/03/09 7:35 p.m.106 views

FormBook spam campaign targets citizens of Ukraine️

Our Threat Intelligence team has been closely monitoring cyber threats related to the war in Ukraine. Today, we discovered a malicious spam campaign dropping the Formbook stealer specifically targeting Ukrainians. Formbook is part of a long-running malspam operation that we observe on a regular...

9.3CVSS0.7AI score0.99945EPSS
Exploits33
Malwarebytes
Malwarebytes
added 2022/03/05 5:35 p.m.447 views

Beware of malware offering “Warm greetings from Saudi Aramco”

Recently, the Malwarebytes Threat Intelligence Team found a Formbook campaign targeting oil and gas companies. The campaign they discovered was delivered by a targeted email that contained two attachments, one is a pdf file and the other an Excel document. Formbook The Formbook malware is an...

9.3CVSS8.6AI score0.99945EPSS
Exploits33
Talos Blog
Talos Blog
added 2021/10/26 1:13 p.m.206 views

Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India

Cisco Talos recently discovered a threat actor using political and government-themed malicious domains to target entities in India and Afghanistan.These attacks use dcRAT and QuasarRAT for Windows delivered via malicious documents exploiting CVE-2017-11882 — a memory corruption vulnerability in...

9.3CVSS3.5AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2021/07/16 9:7 p.m.527 views

Top CVEs Trending with Cybercriminals

Criminal small talk in underground forums offer critical clues about which known Common Vulnerabilities and Exposures CVEs threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for. An analysis of such chatter, by Cognyte, examined 15 cybercrime forums...

10CVSS9.3AI score0.99999EPSS
Exploits491References15
Openbugbounty
Openbugbounty
added 2020/08/12 4:7 p.m.7 views

ticketpass.fr Cross Site Scripting vulnerability OBB-1258115

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/04/26 1:45 p.m.11 views

rupert.id.au Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1150677 Security Researcher roker Helped patch 51 vulnerabilities Received 2 Coordinated Disclosure badges Received 4 recommendations , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting rupert.id.au website and its...

0.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/04/06 5:3 a.m.22 views

biaindiana.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1134453 Security Researcher geeknik Helped patch 8949 vulnerabilities Received 8 Coordinated Disclosure badges Received 21 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting biaindiana.org website and...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/02/12 12:8 p.m.424 views

Loda RAT Grows Up

By Chris Neal. Over the past several months, Cisco Talos has observed a malware campaign that utilizes websites hosting a new version of Loda, a remote access trojan RAT written in AutoIT. These websites also host malicious documents that begin a multi-stage infection chain which ultimately serve...

9.3CVSS8.4AI score0.99945EPSS
Exploits33
Openbugbounty
Openbugbounty
added 2019/11/02 3:2 p.m.14 views

stroyportal-volga.ru Cross Site Scripting vulnerability

Security Researcher Faizanmark Helped patch 76 vulnerabilities Received 6 Coordinated Disclosure badges Received 58 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting stroyportal-volga.ru website and its users. Following...

0.2AI score
Exploits0
GithubExploit
GithubExploit
added 2019/08/14 11:55 a.m.2 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

Overview of CVE-2017-11882 In terms of vulnerability exploit...

9.3CVSS7.8AI score0.99945EPSS
Exploits33
ThreatPost
ThreatPost
added 2019/06/10 4:10 p.m.252 views

Microsoft Warns of Email Attacks Executing Code Using an Old Bug

Microsoft is warning of a fresh email campaign that distributes malicious RTF files boobytrapped with an exploit dating back to a 2017 vulnerability, CVE-2017-11882. The exploit allows attackers to automatically run malicious code without requiring user interaction. “The CVE-2017-11882...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References7
Rows per page
Query Builder