ذكاء التهديدات

CloudSEK’s Threat Research team has analyzed the MS Office RCE 0day vulnerability that has been dubbed as Follina and has been given the CVE-2022-30190. The attack vector and the vulnerability very closely resembles CVE-2021-40444.

CloudSEK Threat Intelligence Advisory on Firestarter, created by DoNot APT, Android malware that abuses Google's Firebase Cloud Messaging

A post on a TOR-based private cybercrime dark web forum is advertising the source code of an advanced FUD ransomware, dubbed M3rcury.

CloudSEK Threat Intelligence Advisory on Joker malware, masquerades as legitimate mobile apps on Google Play store infecting Android devices.

There is a Critical VMWare zero-day command injection with escalated privileges, affecting six product lines, there is no vendor patch yet.

An RCE vulnerability in Zimbra webmail servers being actively exploited to target multiple organizations worldwide. The exploit was used to launch a spear phishing campaign against Europe.

CloudSEK’s contextual AI digital risk platform XVigil discovered a post by the Mysterious Team announcing the use of the Raven Storm tool DDoS attacks. The tool uses multi-threading for sending multiple packets at a single moment of time and getting the target down.

CloudSEK threat intelligence advisory on Anubis Android banking trojan that lures its victims through malicious applications.