Threat Analyst – Page 10

Articles

Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver Manuscrypt

1. Executive Summary In a financially motivated campaign attributed to the Lazarus Group’s BlueNoroff ecosystem, attackers weaponised a Google Chrome zero-day in the V8 JavaScript engine to compromise victims who…

Vulnerabilities_Exploits

CVE-2024-47575 (“FortiJump”): FortiManager Missing Authentication RCE Added to KEV After In-the-Wild Exploitation

1 November 2024 Threat Analyst

1. Executive Summary CVE-2024-47575 is a critical “missing authentication for a critical function” vulnerability (CWE-306) in Fortinet FortiManager and FortiManager Cloud that can enable unauthenticated remote attackers to execute arbitrary…

Incident_Reports

Cisco Investigates Data Breach: Sensitive Information Reportedly For Sale on Hacking Forum

15 October 2024 Threat Analyst

Cisco is investigating a recent data breach after a threat actor known as “IntelBroker” claimed to have stolen sensitive data from the company’s internal repositories and has listed it for…

Articles Vulnerabilities_Exploits

Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability History

15 October 2024 Threat Analyst

Overview Ivanti’s Cloud Services Appliance (CSA) has become a prime target for nation-state actors exploiting zero-day vulnerabilities to gain unauthorised access to critical infrastructure. Fortinet’s recent report unveils that these…

Vulnerabilities_Exploits

Ivanti CSA Hit with Three New Zero-Day Vulnerabilities in Active Exploitation

9 October 2024 Threat Analyst

Ivanti recently disclosed three newly identified zero-day vulnerabilities in its Cloud Services Appliance (CSA), all of which are actively exploited in the wild. These vulnerabilities, tracked as CVE-2024-9379, CVE-2024-9380, and…

Articles Techniques_Tactics_Procedures

File Hosting Services Misused for Identity Phishing: Microsoft’s Analysis

9 October 2024 Threat Analyst

Microsoft’s latest threat intelligence report highlights an ongoing trend where threat actors exploit legitimate file-hosting services, such as OneDrive, SharePoint, and Dropbox, to deliver identity-focused phishing attacks. These services’ familiarity…

Vulnerabilities_Exploits

Microsoft’s October 2024 Patch Tuesday: Five Zero-Day Vulnerabilities Fixed, Including Actively Exploited Flaws

9 October 2024 Threat Analyst

Microsoft’s October 2024 Patch Tuesday release addresses 118 security vulnerabilities, including five zero-day vulnerabilities. These zero-days impact various components, from MSHTML to Microsoft Management Console (MMC), and pose significant risks…

Incident_Reports

Alleged Credit Suisse Data Breach: Employee Data Compromised

8 October 2024 Threat Analyst

Reports have emerged of an alleged data breach at Credit Suisse, potentially impacting sensitive data of nearly 19,000 employees in India. This incident marks yet another challenge for the bank,…

Articles Industry_News Threat_Actor_Profiles

Evil Corp and LockBit Connection Exposed: NCA Unmasks Cybercrime Kingpin

1 October 2024 Threat Analyst

In a significant development, the UK’s National Crime Agency (NCA) has named Aleksandr Ryzhenkov as a key figure in the notorious Russian cybercrime group Evil Corp, while also identifying him…

Articles Techniques_Tactics_Procedures Threat_Actor_Profiles

Leveraging Windows Event Logs to Identify Human-Operated Ransomware: Insights from JPCERT/CC

30 September 2024 Threat Analyst

Introduction In September 2024, JPCERT/CC released a detailed blog post uncovering how Windows Event Logs can be a powerful tool for identifying human-operated ransomware campaigns. The research focuses on notable…

Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver Manuscrypt

CVE-2024-47575 (“FortiJump”): FortiManager Missing Authentication RCE Added to KEV After In-the-Wild Exploitation

Cisco Investigates Data Breach: Sensitive Information Reportedly For Sale on Hacking Forum

Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability History

Ivanti CSA Hit with Three New Zero-Day Vulnerabilities in Active Exploitation

File Hosting Services Misused for Identity Phishing: Microsoft’s Analysis

Microsoft’s October 2024 Patch Tuesday: Five Zero-Day Vulnerabilities Fixed, Including Actively Exploited Flaws

Alleged Credit Suisse Data Breach: Employee Data Compromised

Evil Corp and LockBit Connection Exposed: NCA Unmasks Cybercrime Kingpin

Leveraging Windows Event Logs to Identify Human-Operated Ransomware: Insights from JPCERT/CC

You missed

OpenClaw lures fuel ClickFix infostealer infections as agentic AI ecosystems become a new credential target

Storm-2561 pushes fake VPN installers via SEO poisoning to steal enterprise credentials

Hudson Rock ties Polyfill.io supply-chain compromise to DPRK operator via Lumma Stealer telemetry

Stryker ‘Handala’ incident: global Microsoft environment disruption and reported remote device wipes