Threat and Vulnerability Intelligence Database

Description: A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024. [...]
Source: BleepingComputer
February 4th, 2025 (2 months ago)

CVE-2025-0411

Description: A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09. "The vulnerability was

EPSS Score: 0.4%

Source: TheHackerNews
February 4th, 2025 (2 months ago)
Description: A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. "Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a
Source: TheHackerNews
February 3rd, 2025 (3 months ago)
Description: Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat
Source: TheHackerNews
January 30th, 2025 (3 months ago)
Description: The Council of the European Union has sanctioned three individuals for allegedly carrying out "malicious cyber activities" against Estonia. The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov – are officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155, it said. Per the council decision, all the
Source: TheHackerNews
January 28th, 2025 (3 months ago)
Description: The European Union sanctioned three hackers, part of Unit 29155 of Russia's military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia's government agencies in 2020. [...]
Source: BleepingComputer
January 27th, 2025 (3 months ago)
Description: A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.
Source: TheHackerNews
January 27th, 2025 (3 months ago)
Description: The US Department of Commerce will prohibit the import of components for connected vehicles from China or Russia, as the US continues to ban technology it sees as potential national security threats.
Source: Dark Reading
January 20th, 2025 (3 months ago)
Description: Russian nation-state actor Star Blizzard has been running a new spear-phishing campaign to compromise WhatsApp accounts of targets in government, diplomacy, defense policy, international relations, and Ukraine aid organizations. [...]
Source: BleepingComputer
January 19th, 2025 (3 months ago)
Description: Microsoft Threat Intelligence has uncovered a new spear-phishing campaign by the Russian threat actor Star Blizzard, marking a significant shift in their tactics. The campaign, observed in mid-November 2024, exploits WhatsApp’s account linking feature to gain unauthorized access to messages. This is the first time Star Blizzard has used WhatsApp as an attack vector, following …
Source: CyberInsider
January 17th, 2025 (3 months ago)