Severity High Analysis Summary CVE-2020-3421, CVE-2020-3480 Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the […]

Severity Medium Analysis Summary Recently, the threat actor GADOLINIUM started using cloud services and open source tools to enhance weaponization of their malware payload, in order […]

Severity High Analysis Summary Microsoft reported that attackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the access to […]

Severity Medium Analysis Summary Researchers discovered a unique reflective loader attack. The email, possibly part of a malspam campaign, is delivered to the potential victim’s inbox […]

Severity Low Analysis Summary CVE-2020-4340 IBM Security Secret Server could allow a remote attacker to bypass security restrictions, caused by improper input validation.  CVE-2019-11358 jQuery, as […]

Severity Medium Analysis Summary Recent spam campaigns leading to URSA/Mispadu banking trojan detected by researchers have been uncovered. Mispadu malware steals credentials from users’ systems. This […]

Severity High Analysis Summary A common and trending NETLOGON Vulnerability CVE-2020-1472 was reported earlier this month. When we explored this vulnerability, we came to conclusion that the attacker […]

Severity High Analysis Summary A new ransomware group has been targeting large corporate networks using self-made backdoors and file-encrypting malware for the initial and final stages […]

Severity High Analysis Summary APT41 intrusion activities originating from China are being detected again. Earlier this year, APT41 launched a global intrusion campaign using multiple exploits. […]

Severity Medium Analysis Summary Researchers disseminated a Warning to its government customers about a new APT28 (aka Sofacy, Sednit, Fancy Bear, STRONTIUM, etc.) campaign targeting government bodies […]

Severity High Analysis Summary CVE-2020-15674 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the […]

Severity Medium Analysis Summary Horizon DaaS contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation […]

Severity Medium Analysis Summary FortiManager and FortiAnalyzer are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability […]

Severity Medium Analysis Summary This Dridex campaign spoofs FedEx. FedEx Corporation, short for Federal Express, is an American multinational delivery services company headquartered in Memphis, Tennessee. […]

Severity High Analysis Summary Emotet is a banking trojan usually distributed via email spam. The malicious word documents are now increasingly delivered within a password-protected zip-file. […]

Severity High Analysis Summary Advantech WebAccess Node could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect permissions set for […]

Severity High Analysis Summary Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance models could allow a remote authenticated attacker to execute arbitrary commands […]

Severity High Analysis Summary Our SOC analysts have discovered and analyzed a new phishing campaign targeting banks in Pakistan. These phishing emails successfully bypassed the email […]

Severity Medium Analysis Summary Fortinet FortiOS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the SSL VPN portal. A remote authenticated […]

Severity High Analysis Summary Linux Kernel could allow a local attacker to obtain sensitive information, caused by an out-of-bounds read in vgacon_scrolldelta. By running a specially […]

Severity High Analysis Summary Recently, different threat intelligence forums have been reporting a number of public facing Pakistani websites being infected with sophisticated malware. These sophisticated […]

Severity Medium Analysis Summary XML-RPC on WordPress, which is enabled by default, is actually an API that provides third-party applications and services the ability to interact […]

Severity High Analysis Summary A Zero-Day Vulnerability is reported in File Manager Plugin for WordPress, a plugin with more than 700,000 active installations; out of which […]

Severity High Analysis Summary TrickBot is a banking Trojan which targets sensitive information and acts as a dropper for other malware. Trickbot is usually spread via […]