
Tag: Threat Advisory

Threat Advisory: HermeticWiper

Category: Tool TLP Level: TLP:WHITE Severity: Medium Campaign Active: 2022-02-23 Campaign Identified: 2022-02-23 Campaign Updated: 2022-02-24 Campaign Details: At 8:00 […]

Advisory: HermeticWiper – Increased cyber activities since Russian invasion of Ukraine

Category: Event TLP Level: TLP:WHITE Severity: High Campaign Details: Campaign Active: 2022-02-15 Campaign Identified: 2022-02-15 Campaign Updated: 2022-02-24 Updates: 02/24 12:00 PM GMT Russia has launched an invasion of Ukraine which started with missile and artillery attacks targeting locations near the capital of Kiev and the border city of Kharkiv. Ground troops have since begun […]

Threat Advisory: Blackbyte Ransomware

Blackbyte is a newly identified Ransomware-as-a-Service operation configured to use ‘double-extortion’ techniques based on an available ‘leaks’ website. Early intrusions of Blackbyte re-used encryption keys, meaning that files encrypted prior to October 2021 may be recoverable [Source 1]. Initial access in Blackbyte intrusions is typically achieved through the exploitation of vulnerabilities in public-facing devices [Source […]

Threat Advisory: PwnKit – Local Privilege Escalation Vulnerability in Major Linux Distributions

Updated: 01/26/2022 17:54 Severity: HIGH Background A vulnerability was discovered in Polkit pkexec, a SUID-root program that is included on every major Linux distribution by default. This vulnerability enables local privilege escalation to root on the victim host. Proof-of-concepts (PoCs) have been published for this vulnerability but ‘in-the-wild’ exploitation has not yet been observed. Affected […]

Threat Advisory: WhisperGate Malware – Attacks Against Ukrainian Systems

Category: Malware TLP Level: TLP:WHITE Severity: High Published: True Campaign Active: 2022-01-15 Campaign Identified: 2022-01-16 Campaign Updated: 2022-01-16 Campaign Details: Microsoft published a report describing a malware campaign given the name “WhisperGate” that is targeting Ukrainian systems including government agencies and technology organizations. This malware takes destructive actions on the host in order to render […]