Trending News
Microsoft SharePoint Remote Code Execution Vulnerability
“An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server”
Fake LockBit
LockBit is a Ransomware-as-a-Service (RaaS) that has been involved in numerous cyber attacks over the years. “By the tail end of the attack, the device’s wallpaper is changed into an image mentioning LockBit. This might lead affected users to think that LockBit is to be blamed for the incident, especially since this ransomware family had been active in recent years and even had the highest file detections during the first half of this year”
New PowerRAD and DCRAT through Gophish
“Threat actor abuses Gophish to deliver new PowerRAT and DCRAT. The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the infection chain.“
Bumblee and Latrodectus
“Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts.”