Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver Manuscrypt
1. Executive Summary: In a financially motivated campaign attributed to the Lazarus Group’s BlueNoroff ecosystem, attackers weaponised a Google Chrome zero-day in the V8 JavaScript engine to compromise victims who…
CVE-2024-47575 (“FortiJump”): FortiManager Missing Authentication RCE Added to KEV After In-the-Wild Exploitation
1. Executive Summary: CVE-2024-47575 is a critical “missing authentication for a critical function” vulnerability (CWE-306) in Fortinet FortiManager and FortiManager Cloud that can enable unauthenticated remote attackers to execute arbitrary…
Cisco Investigates Data Breach: Sensitive Information Reportedly For Sale on Hacking Forum
Cisco is investigating a recent data breach after a threat actor known as “IntelBroker” claimed to have stolen sensitive data from the company’s internal repositories and has listed it for…
Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability History
Overview: Ivanti’s Cloud Services Appliance (CSA) has become a prime target for nation-state actors exploiting zero-day vulnerabilities to gain unauthorised access to critical infrastructure. Fortinet’s recent report unveils that these…
Ivanti CSA Hit with Three New Zero-Day Vulnerabilities in Active Exploitation
Ivanti recently disclosed three newly identified zero-day vulnerabilities in its Cloud Services Appliance (CSA), all of which are actively exploited in the wild. These vulnerabilities, tracked as CVE-2024-9379, CVE-2024-9380, and…
File Hosting Services Misused for Identity Phishing: Microsoft’s Analysis
Microsoft’s latest threat intelligence report highlights an ongoing trend where threat actors exploit legitimate file-hosting services, such as OneDrive, SharePoint, and Dropbox, to deliver identity-focused phishing attacks. These services’ familiarity…
Microsoft’s October 2024 Patch Tuesday: Five Zero-Day Vulnerabilities Fixed, Including Actively Exploited Flaws
Microsoft’s October 2024 Patch Tuesday release addresses 118 security vulnerabilities, including five zero-day vulnerabilities. These zero-days impact various components, from MSHTML to Microsoft Management Console (MMC), and pose significant risks…
Alleged Credit Suisse Data Breach: Employee Data Compromised
Reports have emerged of an alleged data breach at Credit Suisse, potentially impacting sensitive data of nearly 19,000 employees in India. This incident marks yet another challenge for the bank,…
Evil Corp and LockBit Connection Exposed: NCA Unmasks Cybercrime Kingpin
In a significant development, the UK’s National Crime Agency (NCA) has named Aleksandr Ryzhenkov as a key figure in the notorious Russian cybercrime group Evil Corp, while also identifying him…
Leveraging Windows Event Logs to Identify Human-Operated Ransomware: Insights from JPCERT/CC
Introduction: In September 2024, JPCERT/CC released a detailed blog post uncovering how Windows Event Logs can be a powerful tool for identifying human-operated ransomware campaigns. The research focuses on notable…
