ذكاء التهديدات

We discovered that Gimmick MacOS malware communicates only through their C2 server hosted on Google Drive. The malware was discovered in the first week of May and it has been actively targeting macOS devices

Category: Vulnerability Intelligence Vulnerability Class: Remote code execution CVE ID: To be assigned CVSS:3.0 Score: To be assigned Spring4Shell – Executive Summary A new critical zero-day vulnerability in the popular Spring framework for Java came into the spotlight when its exploit was first published by a Chinese security researcher “heige” on Twitter (@80vul). Later it was confirmed that a […]

XVigil discovered a threat actor advertising a macro RAT (Remote Access Trojan) dubbed “Ekipa", created by Russian hacktivists.

Raccoon Stealer that appeared in 2019 for the first time is still an ongoing threat, and targets users’ sensitive data including login credentials.

The leaked database contains blood group, mobile number, email ID, password, among other information pertinent to registered donors.

CloudSEK’s Threat Intelligence Research team analyzed the profile of the ransomware group named 54bb47h (Sabbath)

Category: Vulnerability Intelligence Vulnerability Class: Server-Side Template Injection/RCE CVE ID: CVE-2022-22954 CVSS:3.0 Score: 9.8 Executive Summary CloudSEK’s Customer Threat Research Team analyzed remote code execution impacting Vmware products that include Workspace ONE Access and Identity Manager. The VMware Workspace ONE Access provides users faster access to SaaS, web, and native mobile apps with Multi-Factor […]

CloudSEK Threat Intelligence Advisory on T-RAT, uses Telegram as its Command & Control channel, capable of keylogging, screen capture, etc.