F5 Networks, a company that specializes in the development and distribution of software and hardware solutions, has released a Security Advisory on May 4, 2022, addressing a number of issues in their products. Shortly after, the BIG-IP family of products was hit with multiple exploitations in the wild following the publicly published proof-of-concept for a […]
Recent cybersecurity research has uncovered AvosLocker ransomware samples abusing the Avast Anti-Rootkit Driver file to disable anti-virus, which allows adversaries to evade detection and block defense. AvosLocker is known to represent a relatively novel ransomware family that appeared in the cyber threat arena to replace the infamous REvil, which was one of the most active […]
APT29 is a Russian state-sponsored espionage group also referred to by cybersecurity experts as Nobelium APT. The breadth of their attacks corresponds to Russia’s present geopolitical goals. Their latest attacks are characterized by utilizing BEATDROP and BEACON loaders to deploy BOOMMIC (VaporRage) malware. Security analysts report that the latest phishing campaigns were crafted to target […]
On April 28, 2022, CERT-UA published a heads-up notifying of the latest phishing cyber-attack on Ukrainian government entities using the Metasploit framework. The malicious activity can be attributed to the adversary behavior patterns of a group tracked as UAC-0098. Moreover, this most recent attack is believed to be traced to the activity of the TrickBot […]
On April 26, Microsoft 365 Defender Research Team discovered a couple of novel vulnerabilities collectively dubbed Nimbuspwn, enabling adversaries to escalate privileges on multiple Linux desktop environments. The newly detected Nimbuspwn flaws have been identified as CVE-2022-29799 and CVE-2022-29800. Once chained together, these flaws give hackers the green light to obtain root privileges, lead to […]
The 7-Zip file archiver versions of 21.07 have a serious security weak point. 7-Zip is one of the most in-demand tools to compress and package files with a wide array of supported formats including 7z, ZIP, GZIP, BZIP2, and TAR. The vulnerability tracked as CVE-2022-29072 grants adversaries elevated access and command execution when a file […]
A novel Traffic Direction System (TDS), dubbed Parrot TDS, takes advantage of a network of hacked servers that host websites to route victims that fit the required profile to domains used to run scamming schemes or distribute malware. According to the current data, the number of compromised websites has reached 16,500 and counting. Adversaries primarily […]
Last week, VMware released an advisory urging users to patch eight vulnerabilities of various severity levels. Unpatched bugs enable the compromise of the following VMware products: VMware Workspace ONE Access, Identity Manager (vIDM), vRealize Automation (vRA), Cloud Foundation, and Suite Lifecycle Manager. The easiest prey on the hit list with the CVSS score of 9.8 […]
A new info-stealer malware follows in the footsteps of Mars Stealer and BlackGuard. The malware is available for $125 per month or $1,000 for a lifetime subscription. On darknet markets, META Stealer is advertised as an upgrade of RedLine Stealer, which was first revealed in 2020. META Information Stealer Detection To protect your company infrastructure […]
A new tricky remote access tool dubbed Borat RAT was found by cybersecurity researchers. Just like the name suggests, it is a crazy mix of things that is hard to wrap your head around. Borat Trojan is a collection of malware modules coming with a builder and server certificate which includes more than 10 malicious […]