VTA-00447 – TeamTNT Cloud Credentials Stealing Campaigns Targeting AWS, Azure, and GCP Starting in June 2023, an actor initiated a cloud credentials stealing campaign primarily targeting Amazon Web Services (AWS) credentials from public-facing Jupyter Notebooks services. Collaborating with the Permiso Security …
CODEREDVTA
Vulnerability and Threat Advisories
“Security rules and techniques that helping you stay ahead of cyber threats”
Hackers Exploit WEBAPK To Install Malware On Android Devices
VTA-00446 – Hackers Exploit WEBAPK To Install Malware On Android Devices According to the most recent research, Android devices are the target of a brand-new, highly sophisticated attack using Webapk technology. Through a Smishing attempts, the threat actors convince the victim …
Malware Campaign Exploiting Microsoft Office Vulnerabilities to Drops LokiBot
VTA-00445 – Malware Campaign Exploiting Microsoft Office Vulnerabilities to Drops LokiBot FortiGuard Labs, a cybersecurity research team, has uncovered a malware campaign that exploits vulnerabilities, namely CVE-2021-40444 and CVE-2022-30190 (Follina), in Microsoft Office documents. This campaign aims to distribute LokiBot …
SCARLETEEL 2.0: Advanced Cryptojacking Campaign Targets AWS Fargate
VTA-00444 – SCARLETEEL 2.0: Advanced Cryptojacking Campaign Targets AWS Fargate SCARLETEEL was first discovered in February 2023 and involves a sophisticated attack chain that results in the theft of proprietary data from AWS infrastructure and the deployment of cryptocurrency miners to …
Urgent Patch Released by Apple to Address Zero-Day Vulnerability Affecting iOS, iPadOS, macOS, and Safari
VTA-00443 – MalwareUrgent Patch Released by Apple to Address Zero-Day Vulnerability Affecting iOS, iPadOS, macOS, and Safari Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day vulnerability, labeled as CVE-2023-37450, …