ذكاء التهديدات

Andrastea threat actor group announced a data breach from MBDA, a European missile manufacturer having ties to NATO. Military sketches, documents underlying NATO’s requirements, and SOPs were exposed.

Gitpaste-12 is a wormable malware which has the ability to form a network of bots for crypto-mining which is now targeting Multiple Known Vulnerabilities.

CloudSEK’s AI powered Digital Risk Protection (DRP) Platform identified a Twitter account involved in a new type of phishing scam campaign where the threat actor is misusing Zoho Forms to steal information from banking customers.

CloudSEK’s contextual AI digital risk platform XVigil discovered a tweet by the threat group “Khalifah Cyber Crew” announcing a new campaign “OpsBantaiKaw2” for targeting Indian websites.

CloudSEK Threat Intelligence Advisory on Git LFS RCE vulnerability, allowing the attacker to exploit target app leading to ACE on the victim.

Grafana recently released an advisory and patch for a critical path traversal vulnerability which leads to an unauthenticated Local File inclusion. This vulnerability affects Grafana versions v8.0.0-beta1 through v8.3.0, however, the Grafana Cloud remains unaffected.

A post on a cybercrime forum is advertising a service allegedly claimed that it can embed documents with any malicious executables.

We have identified an increase in dark web discussions among threat actors, regarding CRM exploitation tactics and exposure of CRM credentials across code repositories such as Github and Bitbucket