7 matches found
Rhysida Ransomware’s Decryptor is Now in Action
Summary: The Rhysida ransomware-as-a-service RaaS group poses a significant global threat, targeting diverse sectors. Recently, an implementation vulnerability in the source code of the Rhysida ransomware has been discovered. By exploiting this vulnerability to reconstruct encryption keys, it...
JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover
Summary: JetBrains addressed a critical security flaw in its TeamCity On-Premises product. The vulnerability identified as CVE-2024-23917, could potentially allow an unauthorized attacker with HTTPS access to a TeamCity server to circumvent authentication mechanisms and acquire administrative...
FritzFrog Expanding Its Lethal Reach with Frog4Shell
Summary: The recent activities surrounding the FritzFrog Golang-based botnet reveal in its iterations, the employment of an exploit called Frog4Shell, capitalizing on the Log4Shell vulnerability. Threat Level - Red | Attack Report For a detailed threat advisory, download the pdf file here To...
COLDRIVER Expands Beyond Phishing, Incorporating Custom SPICA Backdoor
Summary: The threat actor associated with Russia, known as COLDRIVER or Star Blizard, has expanded its tactics from mere credential harvesting. The group has initiated campaigns where PDFs are employed as lure documents to distribute malware. Notably, COLDRIVER has introduced its first custom...
Gaza Cybergang’s Pierogi++ Upgrade Takes Center Stage
Summary: The Gaza Cybergang, a sophisticated threat actor, has recently intensified its attacks by deploying an advanced version of the Pierogi backdoor malware. This group focuses its cyber operations primarily on Palestinian entities and Israel, with a historical record of targeting entities...
Attacks on European Union and Ukrainian government entities carried out by the Armageddon group
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Computer Emergency Response Team of Ukraine CERT-UA has issued an alert warning of an ongoing spear-phishing attempt aimed at delivering an email with a malware attachment to Ukrainian government institutions and European...
MoonBounce: New malware deployed by APT41 in UEFI firmware
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System OS, the Basic Input Output System BIOS chip, and thus persists even after reinstalling your OS or formatting your hard drive...