Threat Intelligence

CloudSEK Threat Intelligence Advisory on Discord RCE vulnerability, achieved by chaining 3 security vulnerabilities, affects the web app.

A post on a cybercrime forum, advertising 21 million user records of Microsoft coincides with the corporate giant's latest advisory on a Cosmos DB vulnerability.

CloudSEK’s contextual AI digital risk platform XVigil has spotted an advertisement where a short tutorial is provided on how the Hayya Card registration facility could be misused by threat actors to create multiple copies of the card.

A post on a cybercrime forum is advertising NLBrute RDP brute-forcing tool that runs on NLBrute 1.2 and a controlled botnet

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a cybercrime forum, advertising the PII records of 30 million T-Mobile users, including their SSN, driver’s license, and date of DoB.

On 22 October, attackers hijacked the NPM account of the developer of UAParser.js, a library used to detect users’ browser types and operating systems

The Log4Shell vulnerability, tracked as CVE-2021-4428, has the highest severity of CVSS 10, as it enables unauthenticated remote code execution and is already being exploited in the wild.

Goodwill ransomware group propagates very unusual demands in exchange for the decryption key. The Robin Hood-like group is forcing its Victims to donate to the poor and provides financial assistance to the patients in need.