CODEREDVTA

Vulnerability and Threat Advisories

“Security rules and techniques that help you stay ahead of cyber threats”

01/07/2022

Matanbuchus Delivering Cobalt Strike Beacons Via Spam Campaigns

VTA-00418 – Matanbuchus Delivering Cobalt Strike Beacons Via Spam Campaigns

Matanbuchus is a Malware-as-a-Service (MaaS) engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected systems without detection. The spam emails containing the Matanbuchus come …

10/06/2022

SMSSpy Campaign to Steal Malaysian Banking User Credential

VTA-00417 – SMSSpy Campaign to Steal Malaysian Banking User Credential

Recently, Malaysian cybercriminals have been using two separate campaigns to steal financial details from victims. In one campaign, they are trying to leverage the Law Enforcement Agencies (LEA), where the target …

01/06/2022

CVE-2022-30190 – New Microsoft Office Zero-Day Code Execution Exploit in the Wild

VTA-00416 – CVE-2022-30190 – New Microsoft Office Zero-Day Code Execution Exploit in the Wild

Recently, the discovery of a Word document that was uploaded to VirusTotal shed light upon a new zero-day vulnerability in Microsoft Office named ‘Follina’ that may …

20/05/2022

Threat Actors Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

VTA-00415 – Threat Actors Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

Recently, Microsoft observed a malicious campaign targeting SQL servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The attackers start by initiating a brute-force attack as …

06/05/2022

AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

VTA-00414 – AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection

Recently, there is a new variant of AvosLocker ransomware that makes use of a legitimate driver file to disable antivirus solutions to evade detection after breaching target networks …


Case Study