VTA-00424 – Maggie Malware Infected Hundreds of Microsoft SQL servers A novel backdoor malware named Maggie that targets Microsoft SQL servers has infected hundreds of machines all over the world. The malware disguises itself as an Extended Stored Procedure DLL, a … Read More
VTA
WPGateway Plugin Zero-Day Vulnerability Affects Multiples WordPress Sites
VTA-00423 – WPGateway Plugin Zero-Day Vulnerability Affects Multiples WordPress Sites A zero-day vulnerability in the latest version of the WPGateway WordPress premium plugin is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites. … Read More
Malicious Cookie Stuffing by Chrome Extensions
VTA-00422 – Malicious Cookie Stuffing by Chrome Extensions Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users’ browsing activity and profit of retail affiliate programs. The extensions offer … Read More
Malicious IIS Extensions Used By Attackers To Deploy Covert Backdoors Into Exchange Servers
VTA-00421 – Malicious IIS Extensions Used By Attackers To Deploy Covert Backdoors Into Exchange Servers Attackers are increasingly using malicious extensions for the Internet Information Services (IIS) web server to backdoor unpatched Exchange servers. The malicious extensions have a lower … Read More
Leveraging Follina (CVE-2022-30190) To Deploy Rozena Backdoor
VTA-00420 – Leveraging Follina (CVE-2022-30190) To Deploy Rozena Backdoor A recently discovered phishing campaign is using the security hole known as Follina to distribute an unauthorised backdoor on Windows systems by using document that exploited CVE-2022-30190. Rozena is a backdoor malware … Read More
New IIS Web Server Backdoor: SessionManager
VTA-00419 – New IIS Web Server Backdoor: SessionManager Following the ProxyLogon-type vulnerability within Microsoft Exchange servers, many backdoors were attempted to be deployed into IIS web servers, and one of such backdoors was discovered in early 2022 dubbed as SessionManager. This … Read More
Matanbuchus Delivering Cobalt Strike Beacons Via Spam Campaigns
VTA-00418 – Matanbuchus Delivering Cobalt Strike Beacons Via Spam Campaigns Matanbuchus is a Malware-as-a-service(Maas), where it is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected systems without detection. The spam emails containing the Matanbuchus come … Read More
SMSSpy Campaign to Steal Malaysian Banking User Credential
VTA-00417 – SMSSpy Campaign to Steal Malaysian Banking User Credential Recently, Malaysian cybercriminals are using two separate campaigns to steal financial details from victims. In one campaign, they are trying to leverage on the Law Enforcement Agencies(LEA) where the target … Read More
CVE-2022-30190 – New Microsoft Office Zero-Day Code Execution Exploit in the Wild
VTA-00416 – CVE-2022-30190 – New Microsoft Office Zero-Day Code Execution Exploit in the Wild Recently, the discovery of a Word document that was uploaded to VirusTotal shed light upon a new zero-day vulnerability in Microsoft Office named ‘Follina’ that may … Read More