VTA

Urgent Google Chrome Update to Patch Type Confusion Vulnerability (CVE-2022-1096)

Posted by CODEREDASM on April 1, 2022 | Featured | No Comments

VTA-00411 – Urgent Google Chrome Update to Patch Type Confusion Vulnerability (CVE-2022-1096) Google has issued update to Chrome 99.0.4844.84 for Windows, Mac, and Linux, to address a high severity vulnerability in its Chrome browser that is being actively exploited in the … Read More

New Browser-in-the-Browser (BitB) Attack Steal User Credentials

New Browser-in-the-Browser (BitB) Attack Steals User Credentials

Posted by CODEREDASM on March 24, 2022 | Featured | No Comments

VTA-00410 – New Browser-in-the-Browser (BitB) Attack Steals User Credentials Recently, there is new way to trick targets into coughing up sensitive information. This new type of attack is found to be using phishing technique that simulates a browser window within … Read More

High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros

Posted by CODEREDASM on March 9, 2022 | Featured | No Comments

VTA-00409 – High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros Recently, Linux has another high-severity vulnerability that makes it easier for untrusted users to execute codes capable of carrying out a host of malicious actions, including installing … Read More

GRAMDOOR and STARWHALE Abuse Telegram Messenger API

Posted by CODEREDASM on March 4, 2022 | Featured | No Comments

VTA-00408 – GRAMDOOR and STARWHALE Abuse Telegram Messenger API Mandiant has identified 2 new targeted malware threats, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. Both are attributed to UNC (Uncategorized) groups. GRAMDOOR is a backdoor written in Python that … Read More

Vulnerable Microsoft SQL Servers targeted through Cobalt strike

Hackers Target Microsoft SQL Database Servers Through Cobalt Strike

Posted by CODEREDASM on February 24, 2022 | Featured | No Comments

VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and … Read More

Hackers Spread Trojans Through Microsoft Teams

Posted by CODEREDASM on February 23, 2022 | Featured | No Comments

VTA-00406 – Hackers Spread Trojans Through Microsoft Teams Hackers are attaching .exe files to Teams chat to install a Trojan on the end-user computer. This trojan will bypass default protections in Teams and install malware, in which Teams has limited … Read More

PROVINTELL ESET Antivirus bug for window system privileges

ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges

Posted by CODEREDASM on February 10, 2022 | Featured | No Comments

VTA-00405 – ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges Recently, ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and … Read More

PROVINTELL Cyber Security Polkit's Pkexec CVE-2021-4034

Local Privilege Escalation Vulnerability in Polkit’s Pkexec

Posted by CODEREDASM on February 4, 2022 | Featured | No Comments

VTA-00404 – Local Privilege Escalation Vulnerability in Polkit’s Pkexec Recently, a local privilege escalation vulnerability in Polkit’s pkexec component is discovered in the default installations of Ubuntu, Debian, Fedora, and CentOS. This vulnerability has been hiding in plain sight for 12+ … Read More

Safari Brower Bugs allows cross site user tracking

Safari Browser Bug Allows Cross-Site User Tracking

Posted by CODEREDASM on January 21, 2022 | Featured | No Comments

VTA-00403 – Safari Browser Bug Allows Cross-Site User Tracking Recently, a software bug introduced in Apple Safari 15’s implementation of the IndexedDB API could be abused by a malicious website to track user’s online activity in the web browser and … Read More