ذكاء التهديدات

The email orders organizations to review the attachment and submit their plan of action to combat Coronavirus, much similar to APT36's pattern of attack.

KFC and McDonald’s were targeted via phishing campaigns. Campaigns aimed at the Saudi Arabia, UAE, and Singapore regions. Payment details has also been compromised.

RCE vulnerability targeting MS Exchange servers that enable attackers to compromise Internet-facing instances. The zero-day vulnerability is being actively exploited by threat actors to target Windows users.

A post on a cybercrime forum is advertising Slycer Ransomware, a Python-based malware that encrypts files and sends its decryption key to the attacker

BlackMatter ransomware operators claim that it combines the best aspects of REvil, Darkside, and Lockbit ransomware. They target a variety of industries with revenue higher than USD 1 million, with the exception of organizations in the healthcare, government, oil and gas, and non-profit sectors.

CloudSEK Threat Intel has detected a threat actor selling a list of systems on the Internet that are vulnerable to CVE-2018-13379 which is a Fortinet SSL VPN path traversal vulnerability.

Category: Vulnerability Intelligence Vulnerability Class: Access of Resource Using Incompatible Type CVE ID: CVE-2022-1096 CVSS:3.0 Score: 9.1 Executive Summary CloudSEK’s Threat Research Team has discovered a breach affecting ~0.5 million users due to an active zero-day vulnerability being exploited in the wild by the RedLine stealer malware. The zero-day vulnerability exploits all the chromium-based […]

CloudSEK’s Threat Research team has analyzed the MS Office RCE 0day vulnerability that has been dubbed as Follina and has been given the CVE-2022-30190. The attack vector and the vulnerability very closely resembles CVE-2021-40444.