CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a Russian cybercrime forum frequented by Ransomware groups, regarding eight vulnerabilities targeting Samba packages affecting Active Directory domains.
CloudSEK’s Threat Intelligence Research team analyzed the profile of the ransomware group named 54bb47h (Sabbath)
VenomRAT is a remote access tool discovered by 2020, and it is used by threat actors to control the infected systems remotely.
RCE vulnerability targeting MS Exchange servers that enable attackers to compromise Internet-facing instances. The zero-day vulnerability is being actively exploited by threat actors to target Windows users.
CloudSEK Threat Intelligence Research team’s analysis of the ransomware group dubbed Arvin Club
A post on a cybercrime forum is advertising ready-made phishing projects targeting LastPass and Evernote users for USD 2,500 on monthly rental subscription
On 22 October, attackers hijacked the NPM account of the developer of UAParser.js, a library used to detect users’ browser types and operating systems
CloudSEK’s Threat Intelligence team discovered a post, on a cybercrime forum, advertising a scanning tool for the path traversal and file disclosure vulnerability, CVE-2021-41773, in Apache HTTP Server.
A security researcher reported a vulnerability in the Azure Cosmos DB Jupyter Notebook instance, referred to as ChaosDB, that allows a user to gain access to another user’s data.
Jira released an advisory about the newly identified path traversal and read file vulnerability, CVE-2021-26086, in the Jira Software Server. Threat actors could exploit this vulnerability to poison the server logs, thereby causing remote code execution and/ or exfiltration of sensitive files and information.
Sign up for our Daily Cyber Brief, and be the first to receive the latest cyber news and threat alerts, from across the world.
CloudSEK is a Digital risk protection Enterprise HQ in Singapore
Product and Modules
About us