THREATS April
DATE |
NAME |
CATEGORY |
SUBCATEGORIES |
INFO |
30.4.22 |
Attack |
HTTPS DDoS |
Earlier this month, Cloudflare’s systems automatically detected and mitigated a 15.3 million request-per-second (rps) DDoS attack — one of the largest HTTPS DDoS attacks on record. |
|
30.4.22 |
Malware |
Malware |
Starting in March 2022, Proofpoint observed campaigns delivering a new downloader called Bumblebee. At least three clusters of activity including known threat actors currently distribute Bumblebee. |
|
30.4.22 |
Vulnerability |
Vulnerability |
Upon the latest release of Netatalk 3.1.13, the Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software |
|
30.4.22 |
Hacker Group |
Hacker Group ICS |
Dragos began tracking the TALONITE activity group in July 2019 with operations focusing on initial access compromises in the United States (U.S.) electric sector. |
|
30.4.22 |
Malware |
Malware Stealer |
At the start of the year, Bitdefender noticed a RIG Exploit Kit campaign using CVE-2021-26411 exploits found in Internet Explorer to deliver RedLine Stealer, a low-cost password stealer sold on underground forums. |
|
30.4.22 |
Malware |
Malware |
The threat group’s targeting shift could reflect a change in China’s intelligence collection requirements due to the war in Ukraine. |
|
30.4.22 |
Malware |
Malware |
Aqua’s Team Nautilus found a logical flaw in npm that allows threat actors to masquerade a malicious package as legitimate and trick unsuspecting developers into installing it. |
|
30.4.22 |
Vulnerability |
Vulnerability Linux |
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn |
|
27.4.22 |
Hacker Group |
Hacker Group |
GOLD ULRICK Leaks Reveal Organizational Structure and Relationships |
|
27.4.22 |
Malware |
Malware |
GOLDBACKDOOR, an artifact that shares technical overlaps with another malware named BLUELIGHT, which has been previously linked to the group. |
|
27.4.22 |
Vulnerability |
Vulnerability |
Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager. |
|
27.4.22 |
Vulnerability |
Vulnerability |
After a deep security research by Cysource research team led by Shai Alfasi & Marlon Fabiano da Silva, we found a way to execute commands remotely within VirusTotal platform and gain access to its various scans capabilities. |
|
27.4.22 |
Botnet |
Botnet |
On November 21, 2019, we got an interesting new botnet sample from the security community, the sample contained a large number of function names starting with “pink”, and we named it pink botnet. |
|
27.4.22 |
Botnet |
Malware |
A New Evolving Wormable Botnet Malware Targeting Linux |
|
27.4.22 |
Malware |
Malware |
A rapidly expanding malware is entrapping routers, DVRs, and servers all over the web in order to launch Distributed Denial-of-Service (DDoS) attacks on over 100 victims every day. |
|
27.4.22 |
Malware |
Malware |
BotenaGo is a relatively new malware written in Golang, Google’s open-source programming language. |
|
27.4.22 |
Incident |
Ransomware |
Breaking Down the Complexity of the Most Sophisticated Ransomware |
|
23.4.22 |
Vulnerability |
Vulnerability |
(CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition |
|
23.4.22 |
Botnet |
Cryptocurrency |
LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. |
|
23.4.22 |
Vulnerability |
Vulnerability |
Possible buffer overflow with very large or unlimited LimitXMLRequestBody |
|
23.4.22 |
Vulnerability |
Vulnerability |
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server |
|
23.4.22 |
Vulnerability |
Vulnerability |
(CVSS score: 7.5), the second flaw to be patched, concerns a static SSH host key that's present in Cisco Umbrella Virtual Appliance (VA) running a software version earlier than 3.3.2 |
|
23.4.22 |
Malware |
Javascript/Backdoor |
More_eggs is a JavaScript backdoor used by the Cobalt group. |
|
23.4.22 |
Vulnerability |
Vulnerability |
CVSS scores: 8.8 |
|
23.4.22 |
Vulnerability |
Vulnerability |
CVSS scores: 8.8 |
|
23.4.22 |
Vulnerability |
Vulnerability |
CVSS scores: 8.8 |
|
23.4.22 |
Vulnerability |
Vulnerability |
CVSS scores: 8.8 |
|
23.4.22 |
Vulnerability |
Vulnerability |
(CVSS score: 5.5, MediaTek) - A case of improper input validation in ALAC decoder leading to information disclosure without any user interaction |
|
23.4.22 |
Vulnerability |
Vulnerability |
(CVSS score: 7.8, MediaTek) - A local privilege escalation flaw in ALAC decoder stemming from out-of-bounds write |
|
23.4.22 |
Vulnerability |
Vulnerability |
(CVSS score: 9.8, Qualcomm) - An out-of-bound memory access due to improper validation of number of frames being passed during music playback |
|
23.4.22 |
Ransomware |
Ransomware Hive |
Complete analysis |
|
21.4.22 |
CVE-2022-20685 |
Vulnerability |
Vulnerability |
|
21.4.22 |
Vulnerability |
Vulnerability |
||
21.4.22 |
Vulnerability |
Vulnerability |
||
21.4.22 |
CVE-2021-3972 |
Vulnerability |
Vulnerability |
|
21.4.22 |
CVE-2021-3971 |
Vulnerability |
Vulnerability |
|
21.4.22 |
CVE-2021-3970 |
Vulnerability |
Vulnerability |
|
21.4.22 |
Operation |
Cryptocurrency |
||
18.4.22 |
Hacker Group |
Ransomware |
||
18.4.22 |
Malware |
Infostealer, Backdoor |
||
17.4.22 |
Operation |
APT |
||
16.4.22 |
ICS |
ICS |
||
16.4.22 |
BotNet |
BotNet |
||
16.4.22 |
BotNet |
BotNet |
||
16.4.22 |
Malware |
Malware Stealer |
||
16.4.22 |
Vulnerability |
Vulnerability |
||
16.4.22 |
Malware |
ICS Malware |
||
16.4.22 |
Malware |
ICS Malware |
||
16.4.22 |
APT |
ICS |
||
16.4.22 |
Vulnerability |
Vulnerability |
||
14.4.22 |
Malware |
Malware |
||
14.4.22 |
Malware |
Malware |
||
14.4.22 |
Malware |
Malware Stealer |
||
14.4.22 |
Malware |
Malware Stealer |
||
10.4.22 |
BotNet |
BotNet |
||
10.4.22 |
Malware |
Malware RAT |
||
10.4.22 |
Malware |
Malware |
||
9.4.22 |
Hacker Group |
Hacker Group |
||
9.4.22 |
Operation |
APT Espionage |
||
9.4.22 |
Android Malware |
Banking Malware |
||
9.4.22 |
Malware |
Malware |
||
9.4.22 |
Operation |
APT |
||
9.4.22 |
Android Malware |
Banking Malware |
||
9.4.22 |
Malware |
Malware |
||
9.4.22 |
BotNet |
BotNet |
||
6.4.22 |
Cybercrime group |
Cybercrime group |
||
6.4.22 |
APT |
APT GROUP |
||
6.4.22 |
Vulnerability |
Spring4Shell Vulnerability |
||
6.4.22 |
Android Malware |
Spyware |
||
6.4.22 |
Malware |
Malware espionage |
||
6.4.22 |
Malware |
Malware Stealer |
||
6.4.22 |
Vulnerability |
Vulnerability |
||
2.4.22 |
Malware |
Data Wiper |
||
2.4.22 |
Malware |
Data Wiper |
||
2.4.22 |
Malware |
Data Wiper |
||
2.4.22 |
Malware |
Data Wiper |
||
2.4.22 |
Malware |
RAT |
||
2.4.22 |
Malware |
Crypto Malware |
|
|
2.4.22 |
Vulnerability |
Vulnerability |
||
2.4.22 |
Vulnerability |
IOMobileFrameBuffer |
||
2.4.22 |
Vulnerability |
WebKit |
||
2.4.22 |
Malware |
Malware |
||
2.4.22 |
Malware |
Ransomware |
||
2.4.22 |
Vulnerability |
Vulnerability |
||
2.4.22 |
Vulnerability |
Vulnerability |
||
2.4.22 |
Malware |
Malware Stealer |
||
2.4.22 |
Malware |
Malware Stealer |
||
2.4.22 |
Vulnerability |
Vulnerability |
||
2.4.22 |
Malware |
RAT |
||
2.4.22 |
Malware |
RAT |
||
2.4.22 |
Vulnerability |
Vulnerability/Exploit |
||
2.4.22 |
Malware |
Crypto Malware |
|
|
2.4.22 |
Malware |
Malware |