Zero-Day exploit targets security flaw in Microsoft Exchange server


Vulnerabilities and Exploitation Attempts

New Critical Microsoft Outlook RCE Bug is Trivial to Exploit

Microsoft has disclosed a critical security vulnerability in Outlook that unauthenticated attackers can easily exploit remotely. The flaw also allows the Office Protected View feature to be bypassed.

The vulnerability, tracked as CVE-2024-21413 (CVSS Score 8.5), allows for remote code execution (RCE) when emails containing malicious links are opened using a susceptible version of Microsoft Outlook.


SolarWinds Issues Patches to Critical and High Severity RCE Vulnerabilities in Its ARM Solution

SolarWinds has recently issued patches for five remote code execution vulnerabilities in its Access Rights Manager, including three critical vulnerabilities that allow unauthenticated exploitation. The vulnerabilities were not reported to have been exploited in the wild.


Zero-Day Exploit Targets Security Flaw in Microsoft Exchange Server

A Microsoft Exchange server security flaw - tracked as CVE-2024-21410 and published in Microsoft’s last Patch Tuesday report - has now been marked as a zero-day vulnerability being exploited in the wild.



Malware Developments

BumbleBee Malware Buzzes Back

Researchers have recently discovered a resurgence of the Bumblebee malware, following a four-month intermission. The recent campaign unleashed a wave of emails with the subject line "Voicemail February," targeting U.S. organizations.


Fade Stealer Malware Distributed via Fake Colorama Package

Researchers have identified an uptick in the distribution of malicious software through imitation of popular Python packages. Among these, a particularly sophisticated scheme has emerged, targeting the reputable "Colorama" package, a tool used by developers for adding color and style to terminal outputs.


'TicTacToe Dropper' Malware Deployment Technique

Researchers identified a sophisticated and evasive malware delivery system known as the "TicTacToe dropper." This dropper is designed to deliver various forms of malware that are particularly elusive as they load obfuscated payloads reflectively in memory, making detection and analysis difficult. Common payloads delivered by the droppers include Leonem, AgentTesla, SnakeLogger, and others.



Ransomware Campaigns

RansomHouse Gang Automates VMware ESXi Attacks with New MrAgent Tool

Recently, researchers discovered a new tool named MrAgent, employed by the RansomHouse gang to automate and streamline VMware ESXi attacks.



Gain deeper CTI insights!

CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.

Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.

