VTA-00411 – Urgent Google Chrome Update to Patch Type Confusion Vulnerability (CVE-2022-1096) Google has issued update to Chrome 99.0.4844.84 for Windows, Mac, and Linux, to address a high severity vulnerability in its Chrome browser that is being actively exploited in the …
CODEREDVTA
Vulnerability and Threat Advisories
“Security rules and techniques that helping you stay ahead of cyber threats”
24/03/2022
New Browser-in-the-Browser (BitB) Attack Steals User Credentials
VTA-00410 – New Browser-in-the-Browser (BitB) Attack Steals User Credentials Recently, there is new way to trick targets into coughing up sensitive information. This new type of attack is found to be using phishing technique that simulates a browser window within …
09/03/2022
High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros
VTA-00409 – High Severity Privilege Escalation of Linux Kernel ‘Dirty Pipe’ On Major Distros Recently, Linux has another high-severity vulnerability that makes it easier for untrusted users to execute codes capable of carrying out a host of malicious actions, including installing …
04/03/2022
GRAMDOOR and STARWHALE Abuse Telegram Messenger API
VTA-00408 – GRAMDOOR and STARWHALE Abuse Telegram Messenger API Mandiant has identified 2 new targeted malware threats, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. Both are attributed to UNC (Uncategorized) groups. GRAMDOOR is a backdoor written in Python that …
24/02/2022
Hackers Target Microsoft SQL Database Servers Through Cobalt Strike
VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and …
Case Study
