VTA-00408 – GRAMDOOR and STARWHALE Abuse Telegram Messenger API Mandiant has identified 2 new targeted malware threats, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. Both are attributed to UNC (Uncategorized) groups. GRAMDOOR is a backdoor written in Python that …
CODEREDVTA
Vulnerability and Threat Advisories
“Security rules and techniques that helping you stay ahead of cyber threats”
Hackers Target Microsoft SQL Database Servers Through Cobalt Strike
VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and …
Hackers Spread Trojans Through Microsoft Teams
VTA-00406 – Hackers Spread Trojans Through Microsoft Teams Hackers are attaching .exe files to Teams chat to install a Trojan on the end-user computer. This trojan will bypass default protections in Teams and install malware, in which Teams has limited …
ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges
VTA-00405 – ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges Recently, ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and …
Local Privilege Escalation Vulnerability in Polkit’s Pkexec
VTA-00404 – Local Privilege Escalation Vulnerability in Polkit’s Pkexec Recently, a local privilege escalation vulnerability in Polkit’s pkexec component is discovered in the default installations of Ubuntu, Debian, Fedora, and CentOS. This vulnerability has been hiding in plain sight for 12+ …