Kubernetes installs targeted via Argo Workflows to deploy cryptocurrency miners....

PetiPotam, a new relay attack obtaining password hashes of Windows systems. It f...

Microsoft warned users of evolved LemonDuck malware with new features allowing k...

Argo

Kubernetes

Monero

Kubernetes Clusters targeted via Argo Workflows to establish cryptocurrency mine...

Kubernetes installs targeted via Argo Workflows to deploy cryptocurrency miners. It enables threat actors to execute unauthorized code on the victim's device......

27-Jul-2021

3 min read

NTLM

PetitPotam

MS-EFSRPC

New PetiPotam Attack enables threat actors to obtain password hashes of Windows ...

PetiPotam, a new relay attack obtaining password hashes of Windows systems. It forces the domain controller to authenticate using the EfsRpcOpenFileRaw function... ...

27-Jul-2021

4 min read

Microsoft

LemonDuck

Malware

Microsoft alerted of advanced LemonDuck Malware affecting Windows and Linux Syst...

Microsoft warned users of evolved LemonDuck malware with new features allowing key theft, the introduction of backdoors, and security exploits... ...

26-Jul-2021

2 min read

CERT-Ro

Phobos

Cyberint

PHOBOS ransomware targeting the servers of a Clinical Hospital in Bucharest

Health institutions in Bucharest are affected by PHOBOS ransomware. Threat actors demanded ransom for data decryption...

26-Jul-2021

2 min read

PeopleGIS

WizCase

Amazon

WizCase's security team discovered a data breach exposing over 1000GB of data fr...

WizCase identified a major breach exposing nearly 100 cities. 1000 GB of data and over 1.6 million files exposed from misconfigured Amazon buckets......

26-Jul-2021

3 min read

API

Discord

CDN

Discord CDN & API abuses triggered a new wave of malware exposure

Discord CDN and API abuses caused a spike in malware incidents. RATs and credential-stealing malware found in Discords servers...

24-Jul-2021

3 min read

Emsisoft

Kaseya

REvil

Kaseya acquired "Universal Decryptor Key" for REvil, started delivering to Ranso...

Kaseya obtained a Universal Decryptor Key for REvil Ransomware victims. A third party 'Emsisoft' provided the tool to the company...

24-Jul-2021

3 min read

Supply Chain Attack

Vid.me

Domain Name System

Vid.me- a misconfigured defunct video hosting platform is dumping Porn videos on...

A Non-operational platform is dumping porn videos on news websites. The domain name for the old site was changed along with the content in the HTML <iframe>s... ...

24-Jul-2021

3 min read

Zirconium

APT31

French

France NCA alerted about series of attacks targeting French Organization by Chin...

France warned about APT31 threat group attacking their organizations. Threat actors used vulnerable home routers to conduct their campaign. Many links of APT31s involvement were found with previous ransomware campaigns....

23-Jul-2021

3 min read

Weblogic

Oracle

Vulnerability

Oracle released 342 fixes against a critical Remotely exploitable WebLogic Serve...

Oracle released a security patch update for a remotely exploitable WebLogic Server flaw. Each vulnerability is identified by a unique CVE# identifier. The company urged all users to stay on the latest security update versions......

23-Jul-2021

3 min read