CODEREDVTA

Vulnerability and Threat Advisories

“Security rules and techniques that helping you stay ahead of cyber threats”

PROVINTELL_Gramdoor and Starwhale Abuse Telegram Messenger API
04/03/2022

GRAMDOOR and STARWHALE Abuse Telegram Messenger API

VTA-00408 – GRAMDOOR and STARWHALE Abuse Telegram Messenger API Mandiant has identified 2 new targeted malware threats, GRAMDOOR and STARWHALE, which implement simple backdoor functionalities. Both are attributed to UNC (Uncategorized) groups. GRAMDOOR is a backdoor written in Python that …

Read More
Vulnerable Microsoft SQL Servers targeted through Cobalt strike
24/02/2022

Hackers Target Microsoft SQL Database Servers Through Cobalt Strike

VTA-00407 – Hackers Target Microsoft SQL Database Servers Through Cobalt Strike ASEC analysis team has reported that vulnerable MS-SQL servers have been targeted by distribution of Cobalt Strike which includes attacks to an environment with unpatched vulnerability, brute forcing and …

Read More
Trojans through Microsoft Teams
23/02/2022

Hackers Spread Trojans Through Microsoft Teams

VTA-00406 – Hackers Spread Trojans Through Microsoft Teams Hackers are attaching .exe files to Teams chat to install a Trojan on the end-user computer. This trojan will bypass default protections in Teams and install malware, in which Teams has limited …

Read More
PROVINTELL ESET Antivirus bug for window system privileges
10/02/2022

ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges

VTA-00405 – ESET Antivirus Bug Allows Attackers Gain Windows SYSTEM Privileges Recently, ESET has released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and …

Read More
PROVINTELL Cyber Security Polkit's Pkexec CVE-2021-4034
04/02/2022

Local Privilege Escalation Vulnerability in Polkit’s Pkexec

VTA-00404 – Local Privilege Escalation Vulnerability in Polkit’s Pkexec Recently, a local privilege escalation vulnerability in Polkit’s pkexec component is discovered in the default installations of Ubuntu, Debian, Fedora, and CentOS. This vulnerability has been hiding in plain sight for 12+ …

Read More

Case Study