Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Police shuts down Manson cybercrime market, arrests key suspects
Description: German law enforcement has seized over 50 servers that hosted the Manson Market cybercrime marketplace and fake online shops used in phishing operations. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
New Android spyware found on phone seized by Russian FSB
Description: After a Russian programmer was detained by Russia's Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
Description: As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro
Source: TheHackerNews
December 5th, 2024 (5 months ago)
'Earth Minotaur' Exploits WeChat Bugs, Sends Spyware to Uyghurs
Description: The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.
Source: Dark Reading
December 5th, 2024 (5 months ago)
Mitel MiCollab zero-day flaw gets proof-of-concept exploit
Description: Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Latrodectus malware and how to defend against it with Wazuh
Description: Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Vulnerability Management Challenges in IoT & OT Environments
Description: By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.
Source: Dark Reading
December 5th, 2024 (5 months ago)
Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers
Description: Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operation, led by German authorities, has resulted in the seizure of more than 50 servers associated with the service and the arrest of two suspects. More than 200 terabytes of digital evidence have been collected. Manson Market ("manson-market[.]pw") is
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
Description: Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability in question is CVE-2024-41713 (CVSS score: 9.8), which relates to a case of insufficient input
Source: TheHackerNews
December 5th, 2024 (5 months ago)
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure
Description: BlueAlpha, a Russian cyber group, uses Cloudflare Tunnels to deploy GammaDrop malware, escalating challenges in targeting Ukrainian entities.
Source: RecordedFuture
December 5th, 2024 (5 months ago)