Security flaws in VMware products that can be leveraged in exploit chain attacks have been in the limelight in the cyber threat arena since May 2022, when CISA issued an alert warning of known remote code execution (RCE) and privilege escalation vulnerabilities. On August 9, 2022, VMware patched another set of vulnerabilities that might be […]
The US Critical Infrastructure Security Agency (CISA) expands its catalog of Known Exploited Vulnerabilities by documenting several new actively exploited directory traversal flaws. The bugs in question are an RCE flaw tagged CVE-2022-34713 and a path traversal vulnerability filed under CVE-2022-30333. Microsoft has acknowledged that a CVE-2022-34713 vulnerability is a variant of the Follina-like DogWalk […]
SOC Prime, Inc., provider of the world’s largest and most advanced threat detection marketplace, pioneer of Detection as Code, and the biggest commercial contributor to the generic Sigma rule language, today announced the appointment of a renowned industry veteran, Paul J. “P.J.” Bihuniak, as Chief Operating Officer (COO) to strengthen the company’s executive team. Paul […]
Ransomware attacks have become a constantly growing trend in the cyber threat arena since 2020, which continues to be on the rise in 2021-2022. Cybersecurity researchers have recently uncovered a new SolidBit ransomware variant, which targets gamers and social media users. The novel malware strain is spotted in the wild, being uploaded to GitHub and […]
A C2 platform called “Dark Utilities” was released in early 2022 and is currently getting traction among adversaries. Dark Utilities, a C2-as-a-Service (C2aaS), provides an affordable (at a starting price of just EUR 9,99) way of setting up an anonymous C&C infrastructure. The service allows for remote access, DDoS attacks, command execution, and cryptojacking. Security […]
Gwisin ransomware targeting Korean companies in multiple industries is currently on the increase in the cyber threat arena. Attributed to the Korean-speaking threat actors, Gwisin ransomware is leveraged in targeted attacks at specific organizations rather than random individuals and does not perform malicious behaviors on its own, which makes its detection harder. The ransomware is […]
Researchers revealed a critical security hole in 29 models of DrayTek Vigor routers, totaling more than 700,000 devices currently in use. DrayTek Vigor routers gained popularity during the worldwide shift to home offices during the pandemic and are mostly used by employees of small and medium-sized businesses in the UK, Netherlands, Vietnam, Taiwan, and Australia. […]
A novel attack framework called “Manjusaka” is currently making rounds in the wild. The name “Manjusaka,” which means “cow flower,” is far from denoting the high level of offense potential the attack framework bears. Deriving from ample evidence, the campaign operators behind this malware family are believed to be China-based. Developers of Manjusaka have designed […]
Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]
Security analysts report an increasing number of cases of adversarial abuse of software called ‘proxyware’. Users can install proxyware (operated via the client application) and become bandwidth donors by sharing their internet connection via services like Peer2Profit and IPRoyal. The hosts, incentivized with monetary rewards, enable other users to access the web from their location […]