VTA


Threat Actors Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

VTA-00415

Microsoft recently observed a malicious campaign targeting SQL servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The attackers start by initiating a brute-force attack as …


AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

VTA-00414

A new variant of the AvosLocker ransomware has recently been observed that uses a legitimate driver file to disable antivirus solutions and evade detection after breaching target networks …


Remote Code Execution (RCE) Vulnerability in WordPress’s Elementor Plugin

VTA-00413

The WordPress plugin Elementor has recently released an important security fix for a vulnerability that allows authenticated users to escalate their privileges and obtain administrative rights, tracked …


NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

VTA-00412

NGINX has recently issued mitigations for security weaknesses in its Lightweight Directory Access Protocol (LDAP) reference implementation. The reference implementation, which uses LDAP to authenticate users, is impacted only …


Urgent Google Chrome Update to Patch Type Confusion Vulnerability (CVE-2022-1096)

VTA-00411

Google has issued an update, Chrome 99.0.4844.84 for Windows, Mac and Linux, to address a high-severity vulnerability in the Chrome browser that is being actively exploited in the …


New Browser-in-the-Browser (BitB) Attack Steals User Credentials

VTA-00410

A new way to trick targets into giving up sensitive information has recently surfaced. This attack uses a phishing technique that simulates a browser window within …


High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros

VTA-00409

The Linux kernel has another high-severity vulnerability that makes it easier for untrusted users to execute code capable of carrying out a host of malicious actions, including installing …


GRAMDOOR and STARWHALE Abuse Telegram Messenger API

VTA-00408

Mandiant has identified two new targeted malware families, GRAMDOOR and STARWHALE, which implement simple backdoor functionality. Both are attributed to UNC (uncategorized) groups. GRAMDOOR is a backdoor written in Python that …


Hackers Target Microsoft SQL Database Servers Through Cobalt Strike

VTA-00407

The ASEC analysis team has reported that vulnerable MS-SQL servers are being targeted with Cobalt Strike; the attacks include exploiting environments with unpatched vulnerabilities, brute forcing and …
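Both SQL Server campaigns on this page (VTA-00415 and VTA-00407) open with password brute-forcing against exposed MS-SQL instances. The following is an added detection example written for this page, not code from Microsoft, ASEC or any of the advisories: it parses SQL Server ERRORLOG-style "Login failed" / "Login succeeded" lines, groups them by client address, and flags any client that produces a burst of failures within a short window, reporting whether a successful login from the same client followed the burst. The sample log lines are constructed, and the "Login succeeded" entries assume the instance's login auditing is configured to record successful logins as well as failures (by default only failures are written).

```python
"""Flag password brute-force attempts against SQL Server from ERRORLOG lines.

Added example for this page; it assumes the standard ERRORLOG logon message
shapes shown in the constructed sample below and nothing else.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# One ERRORLOG logon line: timestamp, "Logon" source, message, client address.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{2}) Logon\s+"
    r"Login (?P<outcome>failed|succeeded) for user '(?P<user>[^']*)'\."
    r".*\[CLIENT: (?P<client>[^\]]+)\]"
)


def _line(ts, outcome, user, client):
    """Build a constructed ERRORLOG-style logon line for the sample."""
    reason = ("Reason: Password did not match that for the login provided."
              if outcome == "failed"
              else "Connection made using SQL Server authentication.")
    return f"{ts} Logon       Login {outcome} for user '{user}'. {reason} [CLIENT: {client}]"


# Constructed sample (not real incident data): 12 failed 'sa' logins from one
# address in 22 seconds, then a success from it; plus one benign app failure.
SAMPLE_ERRORLOG = "\n".join(
    [_line(f"2022-05-17 10:00:{i:02d}.00", "failed", "sa", "203.0.113.7")
     for i in range(0, 24, 2)]
    + [_line("2022-05-17 10:00:30.00", "succeeded", "sa", "203.0.113.7"),
       _line("2022-05-17 10:03:00.00", "failed", "appuser", "10.0.0.25"),
       _line("2022-05-17 10:03:05.00", "succeeded", "appuser", "10.0.0.25")]
)


def parse_logon_events(text):
    """Return logon events (dicts) sorted by timestamp; non-logon lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f"),
            "outcome": m["outcome"],
            "user": m["user"],
            "client": m["client"],
        })
    events.sort(key=lambda e: e["ts"])
    return events


def detect_bruteforce(events, threshold=10, window=timedelta(seconds=60)):
    """Map client -> finding for clients with >= threshold failures inside any
    sliding window; a later success from that client is reported as well."""
    by_client = defaultdict(list)
    for e in events:
        by_client[e["client"]].append(e)

    findings = {}
    for client, evs in by_client.items():
        failures = [e for e in evs if e["outcome"] == "failed"]
        burst_end = None
        start = 0
        for end in range(len(failures)):          # sliding window over failures
            while failures[end]["ts"] - failures[start]["ts"] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst_end = failures[end]["ts"]   # time the threshold was crossed
                break
        if burst_end is None:
            continue
        findings[client] = {
            "failures": len(failures),
            "targeted_users": sorted({e["user"] for e in failures}),
            "success_after_burst": [e["user"] for e in evs
                                    if e["outcome"] == "succeeded"
                                    and e["ts"] >= burst_end],
        }
    return findings


if __name__ == "__main__":
    for client, finding in detect_bruteforce(parse_logon_events(SAMPLE_ERRORLOG)).items():
        print(client, finding)
```

On a real host, feed the function the contents of the ERRORLOG (or the output of `xp_readerrorlog`) instead of `SAMPLE_ERRORLOG`; a finding whose `success_after_burst` list is non-empty is the case both advisories describe, a guessed password followed by the attacker's own session, and warrants an immediate look at what that login did next.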