VTA-00432 – The Royal Ransomware Linux Variant Targets VMware ESXi OpenSLP Vulnerability In targeted callback phishing attempts, the Royal Group poses as software and food delivery companies in emails that appear to be subscription renewals. These phishing emails contain phone … Read More
VTA
OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability
VTA-00431 – OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability OpenSSH has released version 9.2 to address security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). The vulnerability, tracked as CVE-2023-25136, has been classified as a … Read More
New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
VTA-00430 – New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner A new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised systems. It is presumed that after successful authentication through … Read More
Empowering the Cybersecurity and Cloud Security Industry Together
Empowering the Cybersecurity and Cloud Security Industry Together We are thrilled and humbled to have Cyber100 Cohort 3 committee members (NACSA, MDEC, MAMPU, MCMC, MyDigital EPU KKOMM) to visit our office yesterday. We did not see this visit as sales … Read More
APT Actor Spread AppleJeus Malware Disguised as Cryptocurrency Apps
VTA-00429 – APT Actor Spread AppleJeus Malware Disguised as Cryptocurrency Apps The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver a previously undocumented version of the AppleJeus malware, according to new findings … Read More
New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability (CVE-2022-4262)
VTA-00428 – New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability (CVE-2022-4262) Recently, Google has released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns … Read More
“Bleed You” Campaign Exploiting RCE Vulnerability in Windows Internet Key Exchange (CVE-2022-34721)
VTA-00427 – “Bleed You” Campaign Exploiting RCE Vulnerability in Windows Internet Key Exchange (CVE-2022-34721) The cybersecurity researcher from CYFIRMA discovered several exploits that are currently in use that target the Windows Internet Key Exchange (IKE) Protocol Extensions and more than … Read More
Cryptocurrency Users Targeted By New Laplas Clipper Malware via SmokeLoader
VTA-00426 – Cryptocurrency Users Targeted By New Laplas Clipper Malware via SmokeLoader Cryptocurrency users are being targeted by the New Laplas Clipper which is being delivered using Smoke Loader. SmokeLoader’s purpose is to download and load other malware into the … Read More
OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
VTA-00425 – OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, … Read More