Threat Intelligence

RCE vulnerability in Zimbra Collaboration Suite (ZCS) being actively exploited in the wild.

Category: Adversary Intelligence Threat Type: Hacktivism Industry: Government & Private Region: India Update 2: 13 June 2022, 18:30 IST CloudSEK’s researchers captured a member of the DragonForce forum executing the purported DDOS attack on the BJP official website. The IP address in the image matches the BJP’s server’s IP address (ie.104[.]18[.]130[.]37). In […]

AgainstTheWest targets WeChat & TikTok under Operation Renminbi. Over 2 billion user records and 790 GB files leaked. Alibaba Cloud instance exploited.

CloudSEK’s Customer Threat Research team discovered multiple assets on the internet that are still vulnerable to CVE-2017-7269, a remote code execution (RCE) vulnerability affecting IIS v6.0 - 2003 R2.

A post on a cybercrime forum is advertising the access to multiple VMware vCenter and ESXi servers.

Watch out for a new malware campaign that is distributing files titled “Interim Guidance for CoViD19,” to lure recipients into installing the RAT malware.

Two post-auth 0-day vulnerabilities were discovered in the latest version of the MS Exchange servers.The vulnerabilities are tagged CVE-2022-41040 (SSRF) and CVE-2022-41082 (RCE).

Academic data centers across Europe, North America, and China suffered a string of attacks that may have been carried out to mine Monero.