ذكاء التهديدات

CloudSEK DRP discovered a threat actor claiming to have compromised Uber, the American mobility service provider. To demonstrate the legitimacy of the claims, the actor has posted unauthorized messages on the HackerOne page of the company.

CloudSEK Threat Intelligence Advisory on KashmirBlack, infects sites that use outdated software, exploits CVE-2017-9841 in CMS platforms.

CloudSEK Threat Intelligence Advisory on XDDown Downloader, hacker group XDSpy's malware tool, leverages spear-phishing tactics to propagate.

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a cybercrime forum, advertising Active Targets for ProxyLogon Vulnerability databases allegedly belonging to Shodan, Censys, and Zoomeye.

Researchers detected the vulnerability CVE-2021-40444 that targets a remote code execution flaw in MSHTML used to render web content inside Office documents

CloudSEK Threat Intelligence Advisory on Ttint IoT botnet, a Mirai variant, targeting Tenda AC15 AC1900 routers, exploiting CVE-2020-10987.

CloudSEK threat intelligence advisory on MS Exchange RCE vulnerability, dubbed CVE-2020-16875, that allows attackers highest user privileges.

The severity of the newly identified vulnerability CVE-2022-1388 is present in the F5 BIG-IP. The vulnerability was identified by F5 internally and a patch was released but the difference in code allowed threat actors to make a working exploit for the CVE.