Description: A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion.
According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn't rule out the possibility that the intrusion may have occurred earlier.
"The attackers moved laterally
December 5th, 2024 (5 months ago)
|
Description: Kaspersky researchers demonstrate capabilities of hrtng plugin for IDA Pro, share tips on working with IDA and reverse engineer FinSpy malware with these tools.
December 5th, 2024 (5 months ago)
|
Description: The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024.
The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis.
"An interesting aspect of this campaign is the comeback of a backdoor
December 5th, 2024 (5 months ago)
|
Description: Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.
December 5th, 2024 (5 months ago)
|
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows -
CVE-2024-51378 (CVSS score: 10.0) - An incorrect default permissions
December 5th, 2024 (5 months ago)
|
Description: The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America.
The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks
December 5th, 2024 (5 months ago)
|
Description: Trend Micro Incorporated has released the security updates for Deep Security Agent (for Windows) and Deep Security Notifier on DSVA (for Windows VM).
December 5th, 2024 (5 months ago)
|
Description: Microsoft made it abundantly clear this week that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it's a "non-negotiable" requirement. [...]
December 5th, 2024 (5 months ago)
|
CVE-2024-50311 |
Description: A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.
EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|
CVE-2024-50184 |
Description: In the Linux kernel, the following vulnerability has been resolved:
virtio_pmem: Check device status before requesting flush
If a pmem device is in a bad status, the driver side could wait for
host ack forever in virtio_pmem_flush(), causing the system to hang.
So add a status check in the beginning of virtio_pmem_flush() to return
early if the device is not activated.
EPSS Score: 0.04%
December 5th, 2024 (5 months ago)
|