CODEREDVTA

Vulnerability and Threat Advisories

“Security rules and techniques that help you stay ahead of cyber threats”

Threat Actors Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility
20/05/2022

VTA-00415: Microsoft recently observed a malicious campaign targeting SQL servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The attackers start by initiating a brute-force attack as …

AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection
06/05/2022


VTA-00414: Recently, a new variant of AvosLocker ransomware has been using a legitimate driver file to disable antivirus solutions and evade detection after breaching target networks …

Remote Code Execution (RCE) Vulnerability in WordPress’s Elementor Plugin
22/04/2022

VTA-00413: The WordPress plugin Elementor has recently released an important security fix to patch a vulnerability that allows authenticated users to escalate their privileges and gain administrative rights, which was tracked …

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation
15/04/2022


VTA-00412: NGINX recently issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol (LDAP) Reference Implementation. The reference implementation, which uses LDAP to authenticate users, is impacted only …

Urgent Google Chrome Update to Patch Type Confusion Vulnerability (CVE-2022-1096)
01/04/2022


VTA-00411: Google has issued an update to Chrome 99.0.4844.84 for Windows, Mac, and Linux to address a high-severity vulnerability in its Chrome browser that is being actively exploited in the …
