CODEREDVTA

Vulnerability and Threat Advisories

“Security rules and techniques that helping you stay ahead of cyber threats”

New Browser-in-the-Browser (BitB) Attack Steal User Credentials
06/12/2022

New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability (CVE-2022-4262)

VTA-00428 – New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability (CVE-2022-4262) Recently, Google has released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns …

Read More
LockFile Ransomware Hijacks Windows Domain
29/11/2022

“Bleed You” Campaign Exploiting RCE Vulnerability in Windows Internet Key Exchange (CVE-2022-34721)

VTA-00427 – “Bleed You” Campaign Exploiting RCE Vulnerability in Windows Internet Key Exchange (CVE-2022-34721) The cybersecurity researcher from CYFIRMA discovered several exploits that are currently in use that target the Windows Internet Key Exchange (IKE) Protocol Extensions and more than …

Read More
Image credit by Pixabay
11/11/2022

Cryptocurrency Users Targeted By New Laplas Clipper Malware via SmokeLoader

VTA-00426 – Cryptocurrency Users Targeted By New Laplas Clipper Malware via SmokeLoader Cryptocurrency users are being targeted by the New Laplas Clipper which is being delivered using Smoke Loader. SmokeLoader’s purpose is to download and load other malware into the …

Read More
Image credit by Pixabay
02/11/2022

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

VTA-00425 – OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, …

Read More
Conti Ransomware Gang Hacking Microsoft Exchange Servers Using ProxyShell Exploit
12/10/2022

Maggie Malware Infected Hundreds of Microsoft SQL servers

VTA-00424 – Maggie Malware Infected Hundreds of Microsoft SQL servers A novel backdoor malware named Maggie that targets Microsoft SQL servers has infected hundreds of machines all over the world. The malware disguises itself as an Extended Stored Procedure DLL, a …

Read More

Case Study