Threat Intelligence

Redline Stealer Exploits CVE-2022-1096 in Chromium Browsers to Target Millions of Users

Category: Vulnerability Intelligence Vulnerability Class: Access of Resource Using Incompatible Type CVE ID: CVE-2022-1096 CVSS:3.0 Score: 9.1 Executive Summary CloudSEK’s Threat Research Team has

May 12, 2022

Axxes Ransomware Group Appears to be the Rebranded Version of Midas Group

We have discovered a financially motivated threat actor group, named Axxes ransomware, that is considered to be a rebrand of a formerly known Midas ransomware group.

May 11, 2022

Missing Endpoint Authentication in F5 BIG-IP Leads to Remote Code Execution

The severity of the newly identified vulnerability CVE-2022-1388 is present in the F5 BIG-IP. The vulnerability was identified by F5 internally and a patch was released but the difference in code allowed threat actors to make a working exploit for the CVE.

May 11, 2022

AutoWarp Vulnerability: How hackers unauthorisedly accessing Microsoft Azure Accounts

AutoWarp vulnerability in the Azure Automation service that allows unauthorized access to other Azure customer accounts.

April 20, 2022

Multiple VMware Products Found Vulnerable to Server-Side Template Injection CVE-2022-22954

Category: Vulnerability Intelligence Vulnerability Class: Server-Side Template Injection/RCE CVE ID: CVE-2022-22954 CVSS:3.0 Score: 9.8 Executive Summary CloudSEK’s Customer Threat Research Team analyzed remote code

April 15, 2022

Android Malware Targeting Indian Banks

CloudSEK’s Customer Threat Research Team discovered a malware sample in the wild (ITW) that targeted the customers of Indian Banks.

April 4, 2022

Unpatched Java Spring Core Zero-Day Vulnerability: “Spring4Shell”

Category: Vulnerability Intelligence Vulnerability Class: Remote code execution CVE ID: To be assigned CVSS:3.0 Score: To be assigned Spring4Shell – Executive Summary A new critical zero-day vulnerability in the

March 31, 2022

Google Zero Day Vulnerability (CVE-2022-1096) Affects 3.2 Billion Chrome Users

Category: Vulnerability Intelligence Vulnerability Class: Zero-Day Vulnerability CVE ID: CVE-2022-1096 CVSS:3.0 Score: To be assigned Executive Summary Google released a security update to patch a critical zero-day vulnerability in

March 30, 2022

CARPE (DIEM): CVE-2019-0211 Apache Local Privilege Escalation

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a cybercrime forum, mentioning a vulnerability in the Apache HTTP server 2.4.17 to 2.4.38, known as CVE-2019-0211.

March 25, 2022

Multiple Assets Still Vulnerable to Archaic RCE Dubbed ‘ExplodingCan’

CloudSEK’s Customer Threat Research team discovered multiple assets on the internet that are still vulnerable to CVE-2017-7269, a remote code execution (RCE) vulnerability affecting IIS v6.0 – 2003 R2.

March 22, 2022

Darkweb Mentions