THREATS July

DATE NAME CATEGORY SUBCATEGORIES INFO

10.7.22 Rozena Backdoor Malware Backdoor In May 2022, Microsoft published an advisory about CVE-2022-30190, which is about a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability.
10.7.22 CVE-2022-30190 Vulnerability Vulnerability Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
9.7.22 Robin Worm Malware Raspberry Raspberry Robin is a spreading threat, using specifically crafted Microsoft links (LNK files) to infect its victims. Cybereason observed delivery through file archives, removable devices (USB) or ISO files.
9.7.22 AstraLocker decryptor Anti-Ransom Tool Anti-Ransom Tool AstraLocker is a ransomware based on the leaked Babuk source code, and encrypts files using a modified HC-128 encryption algorithm, and Curve25519. The extension ".Astra" or ".babyk" is appended to files.
9.7.22 Dynamic analysis of firmware components in IoT devices Report Report Firmware analysis is an essential part of security research and targeted search for vulnerabilities in IoT products, vehicle components, industrial control systems, and a multitude of other types of software/hardware systems designed for various purposes.
9.7.22 The Week in Ransomware - July 8th 2022 - One down, many to go Ransomware Ransomware The Week in Ransomware - July 8th 2022 - One down, many to go
8.7.22 Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine APT APT Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion
8.7.22 THREAT ANALYSIS REPORT: LockBit 2.0 - All Paths Lead to Ransom Ransomware Ransomware In September 2019, a new version of a worm-like ransomware was reported. This ransomware was known as LockBit. Since then, a new variant of LockBit was discovered, dubbed–LockBit 2.0.
07.7.22 BPFDoor Malware Linux BPFDoor is a passive backdoor used by a China-based threat actor. This backdoor supports multiple protocols for communicating with a C2 including TCP, UDP, and ICMP allowing the threat actor a variety of mechanisms to interact with the implant.
07.7.22 Symbiote Linux Malware Linux Symbiote, a new “nearly impossible to detect” Linux malware, targeted financial sectors in Latin America—and the threat actors behind it might have links to Brazil.
07.7.22 OrBit Vulnerability Vulnerability OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
07.7.22 CVE-2022-2274 Vulnerability Vulnerability The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions.
5.7.22 CVE-2022-2294 Vulnerability Vulnerability Relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native apps.
2.7.22 The Week in Ransomware - July 1st 2022 - Bug Bounties Ransomware Ransomware The Week in Ransomware - July 1st 2022 - Bug Bounties
1.7.22 SessionManager Malware Backdoor Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server edited by Microsoft. And we didn’t come back empty-handed…
1.7.22 CVE-2019-2725 Vulnerability Vulnerability Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0.
1.7.22 CVE-2022-26134 Vulnerability Vulnerability In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.