ذكاء التهديدات

CVE-2023-42027 IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multi platforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts

CloudSEK Threat Intelligence Advisory on Discord RCE vulnerability, achieved by chaining 3 security vulnerabilities, affects the web app.

We have discovered that the PowerExchange Backdoor is targeting Microsoft Exchange Servers and a Custom-made Powershell backdoor deployed on an unidentified UAE government entity.

Beware of malicious email attachments, downloads! A new COVID-themed malware disables Windows Task Manager, UAC, reboots the system, and overwrites the MBR.

Researchers at CloudSEK’s Threat Intelligence Team came across a malware strain dubbed ‘Swiftslicer’ linked with APT SandWorm.

A post on a cybercrime forum is advertising NLBrute RDP brute-forcing tool that runs on NLBrute 1.2 and a controlled botnet

CloudSEK Threat Intelligence Advisory on UNC1945, hacker group that utilizes critical flaw CVE-2020-14871 to compromise corporate networks

Goodwill ransomware group propagates very unusual demands in exchange for the decryption key. The Robin Hood-like group is forcing its Victims to donate to the poor and provides financial assistance to the patients in need.