Threat and Vulnerability Intelligence Database

Description: The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft.
Source: Dark Reading
March 5th, 2025 (about 1 month ago)
Description: Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. [...]
Source: BleepingComputer
March 5th, 2025 (about 2 months ago)
Description: Microsoft Threat Intelligence has identified a shift in tactics by Silk Typhoon, a Chinese state-sponsored cyber-espionage group, which is now targeting IT supply chain providers, including remote management tools and cloud applications. By exploiting unpatched applications and leveraging stolen credentials, the group gains access to downstream customer environments, enabling extensive cyber-espionage activities. This development follows …
Source: CyberInsider
March 5th, 2025 (about 2 months ago)
Description: The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
Source: TheHackerNews
March 5th, 2025 (about 2 months ago)
Description: New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. [...]
Source: BleepingComputer
March 4th, 2025 (about 2 months ago)
Description: Broadcom warned customers today about three VMware zero-days, tagged as exploited in attacks and reported by the Microsoft Threat Intelligence Center. [...]
Source: BleepingComputer
March 4th, 2025 (about 2 months ago)

CVE-2012-0217

Description: Nessus Plugin ID 217599 with High Severity. Synopsis: The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched. Description: The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. (CVE-2012-0217) Note that Nessus relies on the presence of the package as reported by the vendor. Solution: There is no known solution at this time. Read more at https://www.tenable.com/plugins/nessus/217599
Source: Tenable Plugins
March 4th, 2025 (about 2 months ago)
Description: A complex campaign allows cyberattackers to take over Windows systems by combining a ClickFix-style attack and sophisticated obfuscation that abuses legitimate Microsoft services.
Source: Dark Reading
March 3rd, 2025 (about 2 months ago)
Description: Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers and causing call failures. [...]
Source: BleepingComputer
March 3rd, 2025 (about 2 months ago)
Description: A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havoc post-exploitation framework for remote access to compromised devices. [...]
Source: BleepingComputer
March 3rd, 2025 (about 2 months ago)