Executive Summary: Aoqin Dragon, a threat actor SentinelLabs has been extensively tracking, has operated since 2013 targeting government, education, and telecommunication organizations in Southeast Asia
Tag: VULNERABILITY
In this multi-day intrusion, we observed a threat actor gain initial access to an organization by exploiting a vulnerability in ManageEngine SupportCenter Plus. The threat
In this report, we investigate the reasons that the DeadBolt ransomware family is more problematic for its victims than other ransomware families that previously targeted
In a recent blog post by Microsoft, a new Zero-Day vulnerability (CVE-2022-30190) was discussed. This vulnerability affects Microsoft Support Diagnostic Tool (MSDT), and the blog
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately. We observed vulnerability CVE-2022-29464
According to CrowdStrike research, Mirai malware variants compiled for Intel-powered Linux systems double (101%) in Q1 2022 compared to Q1 2021. Mirai malware variants that
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. The
In December last year, the vulnerability (CVE-2021-44228) of Java-based logging utility Log4j became a worldwide issue. It is a remote code execution vulnerability that can
Summary Update June 2, 2022: This Cybersecurity Advisory (CSA) has been updated with additional indicators of compromise (IOCs) and detection signatures, as well as tactics,
Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report. We
We all know vulnerabilities have a lifecycle. First, they start as closely held secrets, hopefully known to the company producing the vulnerable software. After becoming
Executive Summary: On May 4, 2022, F5 released a security advisory for a remote code execution vulnerability
Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change
We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. Black Basta, a new ransomware gang, has swiftly risen to prominence
Broadcom Software has observed the North Korea-linked advanced persistent threat (APT) group known as Lazarus conducting an espionage campaign targeting organizations operating within the chemical