AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Cloud crypter12/24/2023 Satellite company Viasat has published an overview of the February 24 cyberattack against the KA-SAT network. The 3LOSH crypter continues to be actively maintained and improved by its author and will likely continue to be used by various threat actors attempting to evade detection in corporate environments. These malware distribution campaigns have been ongoing for the past several months, with new samples being uploaded to public repositories on a daily basis. These campaigns appear to be linked to a new version of the 3LOSH crypter. The infections leverage process injection to evade detection by endpoint security software. Title: AsyncRAT campaigns feature new version of 3LOSH crypterĭescription: Ongoing malware distribution campaigns are using ISO disk images to deliver AsyncRAT, LimeRAT and other commodity malware to victims. To get a risk score this high means it is a widely deployed technology with a public exploit available, and Cisco Talos researchers have seen proof of an ongoing active internet breach using the vulnerability. This is an exceptionally rare score, of which only 415 out of 184,000 CVEs (or 0.22 percent) have achieved, reflecting the severity and potential effects of this vulnerability. The Kenna Risk Score for CVE-2022-22965 is currently at maximum 100. Cybersecurity and Infrastructure Security Agency recently added the Spring4Shell vulnerabilities to its to its Known Exploited Vulnerabilities Catalog based on “evidence of active exploitation.” Spring4Shell affects Spring model–view–controller (MVC) and Spring WebFlux applications running on Java Development Kit 9 and later. Title: CISA warns of active exploitation of Spring4Shell vulnerabilitiesĭescription: The U.S. SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP TOP VULNERABILITY THIS WEEK: Attackers actively exploiting Spring4Shell vulnerabilities MOST PREVALENT MALWARE FILES MARCH 31-APRIL 7, 2022 VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
0 Comments
Read More
Leave a Reply. |