THREATS April

| Date | Name | Category | Subcategories | Info |
| --- | --- | --- | --- | --- |
| 30.4.22 | 15M rps HTTPS DDoS attack | Attack | HTTPS DDoS | Earlier this month, Cloudflare’s systems automatically detected and mitigated a 15.3 million request-per-second (rps) DDoS attack — one of the largest HTTPS DDoS attacks on record. |
| 30.4.22 | Bumblebee | Malware | Malware | Starting in March 2022, Proofpoint observed campaigns delivering a new downloader called Bumblebee. At least three clusters of activity, including known threat actors, currently distribute Bumblebee. |
| 30.4.22 | CVE-2022-23121 | Vulnerability | Vulnerability | Upon the latest release of Netatalk 3.1.13, the Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software. |
| 30.4.22 | TALONITE | Hacker Group | Hacker Group, ICS | Dragos began tracking the TALONITE activity group in July 2019, with operations focusing on initial access compromises in the United States (U.S.) electric sector. |
| 30.4.22 | RedLine Stealer | Malware | Malware, Stealer | At the start of the year, Bitdefender noticed a RIG Exploit Kit campaign using CVE-2021-26411 exploits found in Internet Explorer to deliver RedLine Stealer, a low-cost password stealer sold on underground forums. |
| 30.4.22 | PlugX | Malware | Malware | The threat group’s targeting shift could reflect a change in China’s intelligence collection requirements due to the war in Ukraine. |
| 30.4.22 | Package Planting | Malware | Malware | Aqua’s Team Nautilus found a logical flaw in npm that allows threat actors to masquerade a malicious package as legitimate and trick unsuspecting developers into installing it. |
| 30.4.22 | Nimbuspwn | Vulnerability | Vulnerability, Linux | Microsoft finds a new elevation-of-privilege Linux vulnerability, Nimbuspwn. |
| 27.4.22 | GOLD ULRICK | Hacker Group | Hacker Group | GOLD ULRICK leaks reveal organizational structure and relationships. |
| 27.4.22 | GOLDBACKDOOR | Malware | Malware | GOLDBACKDOOR is an artifact that shares technical overlaps with another malware named BLUELIGHT, which has previously been linked to the group. |
| 27.4.22 | CVE-2022-22954 | Vulnerability | Vulnerability | Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue is a remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager. |
| 27.4.22 | CVE-2021-22204 | Vulnerability | Vulnerability | After deep security research by the Cysource research team led by Shai Alfasi and Marlon Fabiano da Silva, we found a way to execute commands remotely within the VirusTotal platform and gain access to its various scan capabilities. |
| 27.4.22 | Pink | Botnet | Botnet | On November 21, 2019, we got an interesting new botnet sample from the security community; the sample contained a large number of function names starting with “pink”, and we named it the Pink botnet. |
| 27.4.22 | Abcbot | Botnet | Malware | A new, evolving wormable botnet malware targeting Linux. |
| 27.4.22 | Fodcha | Malware | Malware | A rapidly expanding malware is entrapping routers, DVRs, and servers all over the web in order to launch Distributed Denial-of-Service (DDoS) attacks on over 100 victims every day. |
| 27.4.22 | BotenaGo | Malware | Malware | BotenaGo is a relatively new malware written in Golang, Google’s open-source programming language. |
| 27.4.22 | ALPHV incident | Incident | Ransomware | Breaking down the complexity of the most sophisticated ransomware. |
| 23.4.22 | CVE-2022-21449 | Vulnerability | Vulnerability | (CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition |
| 23.4.22 | LemonDuck | Botnet | Cryptocurrency | LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. |
| 23.4.22 | CVE-2022-22721 | Vulnerability | Vulnerability | Possible buffer overflow with a very large or unlimited LimitXMLRequestBody. |
| 23.4.22 | CVE-2022-23943 | Vulnerability | Vulnerability | Out-of-bounds write vulnerability in mod_sed of Apache HTTP Server. |
| 23.4.22 | CVE-2022-20773 | Vulnerability | Vulnerability | (CVSS score: 7.5), the second flaw to be patched, concerns a static SSH host key present in Cisco Umbrella Virtual Appliance (VA) running a software version earlier than 3.3.2. |
| 23.4.22 | More_eggs | Malware | JavaScript/Backdoor | More_eggs is a JavaScript backdoor used by the Cobalt group. |
| 23.4.22 | CVE-2022-0071 | Vulnerability | Vulnerability | CVSS score: 8.8 |
| 23.4.22 | CVE-2022-0070 | Vulnerability | Vulnerability | CVSS score: 8.8 |
| 23.4.22 | CVE-2021-3101 | Vulnerability | Vulnerability | CVSS score: 8.8 |
| 23.4.22 | CVE-2021-3100 | Vulnerability | Vulnerability | CVSS score: 8.8 |
| 23.4.22 | CVE-2021-0674 | Vulnerability | Vulnerability | (CVSS score: 5.5, MediaTek) - A case of improper input validation in the ALAC decoder leading to information disclosure without any user interaction. |
| 23.4.22 | CVE-2021-0675 | Vulnerability | Vulnerability | (CVSS score: 7.8, MediaTek) - A local privilege escalation flaw in the ALAC decoder stemming from an out-of-bounds write. |
| 23.4.22 | CVE-2021-30351 | Vulnerability | Vulnerability | (CVSS score: 9.8, Qualcomm) - An out-of-bounds memory access due to improper validation of the number of frames being passed during music playback. |
| 23.4.22 | Hive Ransomware Analysis | Ransomware | Ransomware, Hive | Complete analysis. |
| 21.4.22 | CVE-2022-20685 | Vulnerability | Vulnerability | |
| 21.4.22 | CVE-2019-3568 | Vulnerability | Vulnerability | |
| 21.4.22 | CVE-2018-6882 | Vulnerability | Vulnerability | |
| 21.4.22 | CVE-2021-3972 | Vulnerability | Vulnerability | |
| 21.4.22 | CVE-2021-3971 | Vulnerability | Vulnerability | |
| 21.4.22 | CVE-2021-3970 | Vulnerability | Vulnerability | |
| 21.4.22 | SnatchCrypto | Operation | Cryptocurrency | |
| 18.4.22 | PYSA Ransomware Group | Hacker Group | Ransomware | |
| 18.4.22 | SolarMarker malware | Malware | Infostealer, Backdoor | |
| 17.4.22 | Operation Dream Job | Operation | APT | |
| 16.4.22 | Aethon TUG Home Base Server | ICS | ICS | |
| 16.4.22 | Enemybot | Botnet | Botnet | |
| 16.4.22 | ZLoader botnet | Botnet | Botnet | |
| 16.4.22 | RedLine Stealer | Malware | Malware, Stealer | |
| 16.4.22 | CVE-2022-20695 | Vulnerability | Vulnerability | |
| 16.4.22 | INCONTROLLER | Malware | ICS Malware | |
| 16.4.22 | PIPEDREAM | Malware | ICS Malware | |
| 16.4.22 | AA22-103A | APT | ICS | |
| 16.4.22 | CVE-2022-22954 | Vulnerability | Vulnerability | |
| 14.4.22 | Tarrask | Malware | Malware | |
| 14.4.22 | Industroyer malware | Malware | Malware | |
| 14.4.22 | Prometheus TDS | Malware | Malware, Stealer | |
| 14.4.22 | FFDroider | Malware | Malware, Stealer | |
| 10.4.22 | Reaper Botnet | Botnet | Botnet | |
| 10.4.22 | BIOPASS RAT | Malware | Malware, RAT | |
| 10.4.22 | ShadowPad Malware | Malware | Malware | |
| 9.4.22 | BlackCat group | Hacker Group | Hacker Group | |
| 9.4.22 | Azerbaijani operation | Operation | APT, Espionage | |
| 9.4.22 | Octo | Android Malware | Banking Malware | |
| 9.4.22 | Denonia | Malware | Malware | |
| 9.4.22 | Operation Bearded Barbie | Operation | APT | |
| 9.4.22 | SharkBot | Android Malware | Banking Malware | |
| 9.4.22 | Colibri | Malware | Malware | |
| 9.4.22 | Cyclops Blink | Botnet | Botnet | |
| 6.4.22 | FIN7 | Cybercrime Group | Cybercrime Group | |
| 6.4.22 | Cicada | APT | APT Group | |
| 6.4.22 | CVE-2022-22965 | Vulnerability | Spring4Shell Vulnerability | |
| 6.4.22 | Process Manager | Android Malware | Spyware | |
| 6.4.22 | El Machete, Lyceum, and SideWinder | Malware | Malware, Espionage | |
| 6.4.22 | BlackGuard | Malware | Malware, Stealer | |
| 6.4.22 | TOTOLINK Vulnerabilities | Vulnerability | Vulnerability | |
| 2.4.22 | AcidRain | Malware | Data Wiper | |
| 2.4.22 | DoubleZero | Malware | Data Wiper | |
| 2.4.22 | CaddyWiper | Malware | Data Wiper | |
| 2.4.22 | WhisperKill | Malware | Data Wiper | |
| 2.4.22 | Gh0st RAT | Malware | RAT | |
| 2.4.22 | DeFiChain | Malware | Crypto Malware | |
| 2.4.22 | CVE-2022-0342 | Vulnerability | Vulnerability | |
| 2.4.22 | CVE-2022-22587 | Vulnerability | IOMobileFrameBuffer | |
| 2.4.22 | CVE-2022-22620 | Vulnerability | WebKit | |
| 2.4.22 | Jupyter | Malware | Malware | |
| 2.4.22 | Scarab | Malware | Ransomware | |
| 2.4.22 | SpringShell | Vulnerability | Vulnerability | |
| 2.4.22 | CVE-2022-0778 | Vulnerability | Vulnerability | |
| 2.4.22 | Mars Stealer | Malware | Malware, Stealer | |
| 2.4.22 | Oski Stealer | Malware | Malware, Stealer | |
| 2.4.22 | CVE-2022-22274 | Vulnerability | Vulnerability | |
| 2.4.22 | ObliqueRAT | Malware | RAT | |
| 2.4.22 | CapraRAT | Malware | RAT | |
| 2.4.22 | CVE-2022-1040 | Vulnerability | Vulnerability/Exploit | |
| 2.4.22 | Verblecon | Malware | Crypto Malware | |
| 2.4.22 | Wslink | Malware | Malware | |