Volexity would like to thank Palo Alto Networks for their partnership, cooperation, and rapid response to this critical issue. Their research can be found here.

On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers.…


Summary: Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system, including DoS vulnerabilities and an improper Group Membership Change vulnerability in Cloud Identity Engine (CIE).

Threat Actor: N/A

Victim: Palo Alto Networks

Key Point:

Palo Alto Networks addressed several high-severity vulnerabilities in its PAN-OS operating system through security updates.…

Threat Actor: Unknown | Unknown

Victim: IT and telecom industries | IT and telecom industries

Price: Prices start at $150,000, with incremental steps of $20,000 and a flash sale option at $400,000

Exfiltrated Data Type: Firewall VPNs, hosts, configuration files, code execution capabilities

Additional Information:

The threat actor is offering unauthorized access to firewall VPNs and hosts on a large scale.…

Written by: Jacob Thompson

The Apache XML Security for C++ library, code named xml-security-c, is part of the Apache Santuario project. The library implements the XML Digital Signature and the XML Signature specifications, making them available to C++ developers. By default, the library resolves references to external URIs passed in Extensible Markup Language (XML) signatures, allowing for server-side request forgery (SSRF).…

Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims’ credentials, financial data, and social media accounts, including business and advertisement accounts.…

MuddyWater APT has targeted government and private companies since 2017, including critical sectors such as energy, telecommunications, government, and defense. In February 2024, MuddyWater resumed spear-phishing attacks using new techniques. The National Cyber Directorate of Israel attributed the team’s attack toolkit and attack pattern findings to the MuddyWater group in March 2024, following an increase in new attacks.…


Summary: The article discusses a new BOLA vulnerability discovered in Grafana, impacting millions of users worldwide. It explains the vulnerability, potential impacts, and provides solutions and mitigations.

Key Point 🛡️:

– BOLA vulnerability (CVE-2024-1313) allows low-privileged users to delete dashboard snapshots of other organizations.
– Endpoint allows any user to create snapshot images without complexity checks on secret keys.…

Key Takeaways

In February, the FBI took down the WarzoneRAT malware operation, seizing its infrastructure and arresting two individuals linked to the cybercrime operation. Recently, Cyble Research and Intelligence Labs (CRIL) observed a few samples of a malware campaign possibly distributed via tax-themed spam emails, deploying WarzoneRAT (Avemaria) as the final payload. …

Summary: A new hacking campaign called “ShadowRay” is exploiting an unpatched vulnerability in the Ray framework to breach servers and hijack resources, affecting various industries.

Key Point:

🔒 Ray framework vulnerability exploited by hackers
🔒 Attackers gaining access to sensitive data and resources
🔒 Use of compromised servers for cryptocurrency mining
🔒 Exploitation of vulnerabilities undetected by traditional security measures
🔒 Recommendations for securing Ray deployments

A new hacking campaign dubbed “ShadowRay” targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.…
