Act now! In-the-wild Zimbra vulnerability needs a workaround
Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. In a security update about the vulnerability, the…
Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any user, including administrators, on vulnerable WordPress installations. Source: https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-wordpress-woocommerce-payments-bug/
Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities
Rapid7 managed services teams have observed exploitation of Adobe ColdFusion in multiple customer environments. The attacks our team has responded to thus far appear to be chaining CVE-2023-29298, a…
A technical analysis of the Quasar-forked RAT called VoidRAT
https://resources.securityscorecard.com/research/technical-analysis-of-the-quasar-forked-rat-called-void-rat Source: A technical analysis of the Quasar-forked RAT called VoidRAT / SecurityScoreCard
Black Basta Overview
Black Basta is a Russian-speaking group that was first spotted in early 2022. It is known for its double extortion attack, where it not only executes ransomware but also exfiltrates…
ISC China Report Summary
Original Document: https://isc.independent.gov.uk/wp-content/uploads/2023/07/ISC-China.pdf The “China” report by the Intelligence and Security Committee of Parliament provides an in-depth analysis of the perceived threats and challenges posed by China to the UK.…
SmokeLoader malware
SmokeLoader, also known as Dofoil, is a modular bot used primarily to download other malware onto a compromised system. It has been in operation since at least 2011 and has…
ISC Russia Report Summary
https://isc.independent.gov.uk/wp-content/uploads/2021/03/CCS207_CCS0221966010-001_Russia-Report-v02-Web_Accessible.pdf The “Russia” report by the Intelligence and Security Committee of Parliament provides an in-depth analysis of the perceived threats and challenges posed by Russia to the UK. Here are…
2022 Global Threat Intelligence Report by NTT Security
https://www.security.ntt/pdf/2022-global-threat-intelligence-report-v8.pdf The 2022 Global Threat Intelligence Report by NTT Security Holdings highlights several key trends and events in the cybersecurity landscape:
Brenntag Ransomware Attack
In April, Brenntag, a global chemical distribution company, was hit by a ransomware attack. The DarkSide hacker group claimed responsibility, extracting a significant ransom payment. The attack resulted in a…
