VTA-00448 – APT41 Mobile Espionage Campaign with WyrmSpy and DragonEgg Spyware The Chinese state-sponsored group APT41, known for its wide-ranging cyber espionage and financial gain activities, has set its sights on a new target: mobile platforms. Cybersecurity firm Lookout has identified …
CODEREDVTA
Vulnerability and Threat Advisories
“Security rules and techniques that helping you stay ahead of cyber threats”
TeamTNT Cloud Credentials Stealing Campaigns Targeting AWS, Azure, and GCP
VTA-00447 – TeamTNT Cloud Credentials Stealing Campaigns Targeting AWS, Azure, and GCP Starting in June 2023, an actor initiated a cloud credentials stealing campaign primarily targeting Amazon Web Services (AWS) credentials from public-facing Jupyter Notebooks services. Collaborating with the Permiso Security …
Hackers Exploit WEBAPK To Install Malware On Android Devices
VTA-00446 – Hackers Exploit WEBAPK To Install Malware On Android Devices According to the most recent research, Android devices are the target of a brand-new, highly sophisticated attack using Webapk technology. Through a Smishing attempts, the threat actors convince the victim …
Malware Campaign Exploiting Microsoft Office Vulnerabilities to Drops LokiBot
VTA-00445 – Malware Campaign Exploiting Microsoft Office Vulnerabilities to Drops LokiBot FortiGuard Labs, a cybersecurity research team, has uncovered a malware campaign that exploits vulnerabilities, namely CVE-2021-40444 and CVE-2022-30190 (Follina), in Microsoft Office documents. This campaign aims to distribute LokiBot …
SCARLETEEL 2.0: Advanced Cryptojacking Campaign Targets AWS Fargate
VTA-00444 – SCARLETEEL 2.0: Advanced Cryptojacking Campaign Targets AWS Fargate SCARLETEEL was first discovered in February 2023 and involves a sophisticated attack chain that results in the theft of proprietary data from AWS infrastructure and the deployment of cryptocurrency miners to …