Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two...
Month: January 2024
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data...
Urgent: GitLab Releases Patch for Critical Vulnerabilities – Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Ransomware Review January 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Akira Ransomware Victim: Blackburn College
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Vincentz Network
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong...
Trend Micro Apex Central local file include | CVE-2023-52325
NAME__________Trend Micro Apex Central local file includePlatforms Affected:Trend Micro Apex Central 2019Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Trend Micro Apex Central could allow...
Juniper Networks Junos OS denial of service | CVE-2024-21595
NAME__________Juniper Networks Junos OS denial of servicePlatforms Affected:Juniper Networks Junos OS 22.3 Juniper Networks Junos OS 22.4 Juniper Networks Junos...
Juniper Networks Junos OS and Junos OS Evolved denial of service | CVE-2024-21613
NAME__________Juniper Networks Junos OS and Junos OS Evolved denial of servicePlatforms Affected:Juniper Networks Junos OS 21.3 Juniper Networks Junos OS...
Trend Micro Apex Central cross-site scripting | CVE-2023-52326
NAME__________Trend Micro Apex Central cross-site scriptingPlatforms Affected:Trend Micro Apex Central 2019Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Trend Micro Apex Central is vulnerable to...
Juniper Networks Junos OS denial of service | CVE-2024-21616
NAME__________Juniper Networks Junos OS denial of servicePlatforms Affected:Juniper Networks Junos OS 21.3 Juniper Networks Junos OS 21.4 Juniper Networks Junos...
Trend Micro Apex Central cross-site scripting | CVE-2023-52327
NAME__________Trend Micro Apex Central cross-site scriptingPlatforms Affected:Trend Micro Apex Central 2019Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Trend Micro Apex Central is vulnerable to...
Juniper Networks Junos OS and Junos OS Evolved denial of service | CVE-2024-21614
NAME__________Juniper Networks Junos OS and Junos OS Evolved denial of servicePlatforms Affected:Juniper Networks Junos OS 22.2 Juniper Networks Junos OS...
fontTools XML external entity injection | CVE-2023-45139
NAME__________fontTools XML external entity injectionPlatforms Affected:fontTools fontTools 4.28.2 fontTools fontTools 4.42.1Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________fontTools is vulnerable to an XML external...
Juniper Networks Junos OS and and Junos OS Evolved denial of service | CVE-2024-21596
NAME__________Juniper Networks Junos OS and and Junos OS Evolved denial of servicePlatforms Affected:Juniper Networks Junos OS 21.2 Juniper Networks Junos...
