jenkins-vulnerability

A report on Jenkins CVE-2024-23897 vulnerability

Critical Jenkins vulnerability (CVE-2024-23897) poses severe RCE threat, exposing organizations to remote code execution risks in CI/CD pipelines.

Read More
ivanti-vulnerabilities

Ivanti Zero-Day Vulnerabilities: Connect Secure and IPS

Stay informed about critical vulnerabilities in Ivanti Connect Secure VPN and Policy Secure appliances exploited by UNC5221 since December 2023.

Read More
androxghost-malware

Unmasking Androxgh0st: A deep dive to safeguard your network

Stay vigilant against emerging cyber threats. FBI and CISA uncover Androxgh0st malware - explore tactics and strategies to strengthen your network defenses.

Read More
bandook-rat

Evolving Threat: Unraveling the resurgence of Bandook RAT

This threat bulletin dives into the resurgence of the Bandook remote access trojan (RAT), offering a nuanced perspective on its historical evolution.

Read More
dll-hijacking-windows

Defend against DLL Hijacking in Windows Environments

In this threat bulletin, we unravel the nuances of DLL hijacking, exploring not only its intricacies but also strategies to fortify our defenses.

Read More
cloud-atlas-cyberthreat

Unveiling the Cloud Atlas Cyber Threat

In this threat bulletin, we delve into the recent activities of the sophisticated Cloud Atlas group, shedding light on their advanced methodologies.

Read More
pikabot-malware

PikaBot malware: Unveiling the malicious network

This threat bulletin gives insight into the malware PikaBot, a highly sophisticated loader that emerged in early 2023, including its distribution techniques.

Read More
mranon-stealer-malware

Strategic threat analysis : MrAnon stealer malware campaign

Get an outline of MrAnon stealer malware, its evolution, potential threats & possible ways of improving Security Information and Event Management (SIEM) Systems

Read More
hrserv-dll

Security analysis and management of HRSERV.DLL in Windows OS

Look into the structure, functions, and possible system performance impacts of HRSERV.DLL, a very important Dynamic Link Library file in Windows OS.

Read More
owncloud-vulnerability

OwnCloud vulnerability: Subdomain Validation Bypass

This threat bulletin provides an overview of the OwnCloud vulnerability, its consequences, and possible mitigation measures.

Read More
kamran-android-spyware

Kamran Android Spyware

Look into the new Android spyware called Kamran which recently emerged in the Gilgit-Baltista region, that targets people who speak Urdu.

Read More
gootloader-malware

Emerging Gootloader Malware Threat Evades defences

In this threat bulletin, let's look at the signature tactics, techniques, and procedures (TTPs) of GootLoader malware and dive into the new ways it gets around

Read More
seroxen-rat-malware

Emerging SeroXen RAT malware

Take a look at the new malware threat, SeroXen RAT, which is a remote access trojan that’s been discovered, and discuss its implications for security.

Read More
exelastealer-malware

Emerging Exelastealer malware threat

This paper examines the characteristics of ExelaStealer, the potential danger vectors connected to it, and offers mitigation strategies to lessen its effects.

Read More
toddycat-group-threat

ToddyCat APT Group Threat Analysis

Explore ToddyCat APT: Cyberespionage, Threats, & Defenses. Learn about their tactics, IOCs, and how to safeguard your organization.

Read More
evilproxy-malware

Advanced phishing campaigns with EvilProxy

Stay informed about the latest malware threat EvilProxy, its evolution, SIEM rule updates, IOCs, and protective measures in this comprehensive report.

Read More
bunnyloader-malware

A report on BunnyLoader malware threat

BunnyLoader: Powerful C/C++ malware loader for cybercriminals, evading detection with fileless loading. Get insights on its dangerous capabilities.

Read More
evilbamboo-threat-actor

A report on EvilBamboo threat actor

Explore evolving cyber threats: EvilBamboo's tactics targeting Taiwanese, Tibetan, and Uyghur communities exposed. Learn more.

Read More
bbtok-banking-trojan

BBTok Banking Trojan: Analysis and mitigation

Discover how to protect against BBTok banking trojans in Latin America. Analyzing threats, the latest changes, and mitigation strategies.

Read More
hijackloader-malware-loader

HijackLoader malware loader- traits and precautions

Explore HijackLoader virus traits, dangers, security tips, and the latest attack vectors and updates in this comprehensive study.

Read More
blister-malware

Blister malware: advancements and evasion

This threat bulletin gives insight into the ongoing Blister malware threats, evasion tactics, and strategies for enhanced defense.

Read More
kmsdbot-malware

Enhanced version released for KmsdBot malware

Upgraded KmsdBot malware targets IoT devices, signaling a concerning evolution in cyber threats. Organizations respond with heightened cybersecurity measures.

Read More
blackcat-ransomware-variant

Emergence of advanced BlackCat ransomware variant

Discover Microsoft's findings on advanced BlackCat ransomware variant ALPHV using Impacket and RemCom for effective lateral movement & remote code execution.

Read More
JanelaRAT-threat

JanelaRAT - A Targeted Financial Malware Threat in LATAM

Check out the bulletin update on JanelaRAT: Targeted financial malware in LATAM evading detection using DLL side-loading.

Read More
reptile-rootkit

Reptile Rootkit and its mitigation strategies

Look into the Powerful Linux threat with stealth and reverse shell capabilities. Impacting South Korean systems, its GitHub debut sparked widespread attacks

Read More
avrecon-linux-botnet

The growing threat of AVrecon: Unraveling the Linux Botnet

AVrecon, a potent Linux virus, orchestrates a vast botnet of 70,000+ SOHO routers for bandwidth theft and illicit proxy services, empowering cybercriminals.

Read More
hotrat-malware

Dangerous HotRat - A variant of AsyncRAT malware

Beware the HotRat malware, a dangerous variant of AsyncRAT, spreading via pirated software downloads. Safeguard your system now

Read More
wormgpt-ai-tool

WormGPT- An AI tool for advanced cyber attacks

Discover WormGPT, a potent cybercrime AI tool automating the creation of deceptive emails, fueling successful phishing and BEC attacks.

Read More
blackbyte-ransomware-attack

BlackByte 2.0 ransomware attack investigation

Ransomware attacks plague businesses, with Microsoft's Response team uncovering alarming velocity and destruction of BlackByte 2.0 ransomware.

Read More
gentoo-soko

SQL injection vulnerabilities in Gentoo Soko

Discover critical SQL injection flaws in Gentoo Soko, a popular Go software module, which was exposed in March 2023 in this insightful threat bulletin.

Read More
mockingjay-process-injection

Mockingjay process injection technique

Learn about Mockingjay process injection— an advanced technique evading security with threat actors leveraging DLLs & RWX permissions in Windows executables.

Read More
vidar-malware

Adapting and evading detection by Vidar malware

Vidar malware operators adopt IP rotation, Moldovan & Russian providers to evade detection. Discover the evolving threat in this bulletin.

Read More
visual-studio-vulnerability

Visual Studio vulnerability- Malicious extension attacks

High-risk vulnerability discovered in Microsoft Visual Studio installer allows malicious actors to distribute dangerous extensions undetected.

Read More
blackcat-ransomware

Evolution of Blackcat ransomware

Explore the evolving cybercrime tactics with Sphynx strain of BlackCat ransomware in this insightful threat bulletin.

Read More
gobrat-trojan

GobRAT trojan targets Japanese network infrastructures

Look into GobRAT, an Advanced Linux RAT targeting Japanese routers, exploits router vulnerabilities & impersonates Apache daemon for stealthy infections.

Read More
michaelkors-ransomware

Impact of emerging RaaS MichaelKors on VMware ESXi Systems

Learn about MichaelKors RaaS, targeting Linux and VMware ESXi systems, in this revealing threat bulletin.

Read More
greatness-phaas-platform

Greatness- A PhaaS platform risks Microsoft 365 Users

This threat bulletin gives insight into Greatness, a new Phishing-as-a-service platform which targets corporate customers of the Microsoft 365 cloud service

Read More
cactus-ransomware

The New Cactus ransomware self-encrypts to avoid antivirus

This threat bulletin gives insight into the Cactus ransomware, which uses known flaws in VPN hardware to get early access to the networks of well-known companies

Read More
decoy-dog-malware

Decoy Dog: Malware Toolkit Targeting Enterprise Networks

This threat bulletin gives insight into the malware toolkit Decoy Dog, identified by the cybersecurity organization Infoblox which uses smart evasive strategies.

Read More
outdated-wordpress-plugin

Outdated WordPress plugin lets hackers backdoor sites

This threat bulletin gives insight into the outdated WordPress plugin that lets threat actors covertly backdoor websites

Read More
legion-hacking-tool

'Legion', a Python-Based Hacking Tool appears on telegram

This threat bulletin gives insight into the python based hacking tool Legion, used by threat actors to penetrate internet services for exploitation.

Read More
dos-attack

NPM inundated with Fake Packages, Resulting in DoS Attack

This threat bulletin gives insight into the DoS assault that interrupted NPM and caused users to receive the "Service Unavailable" error message

Read More
alienfox-malware

AlienFox hackers target AWS, Google, and Microsoft API keys & secrets

This threat bulletin provides insight into the malware AlienFox, where attackers collect API keys and secrets from well-known services

Read More
shellbot-malware

Inadequately secured Linux Systems- Victims of ShellBot DDoS Malware

This threat bulletin gives insight into ShellBot, a DDoS Bot malware written in Perl and uses IRC protocols for connection

Read More
malware-attack

Hinatabot Targets on DDOS attacks

This threat bulletin gives insight into a recent Go-based botnet HinataBot, which specializes in initiating DDoS assaults and preys on Linux-based servers

Read More
batloader-malware

BATLOADER Malware Spreads Via Google Ads, Delivers Trojans

This threat bulletin gives insight into BATLOADER malware that utilizes google advertisements to convey optional payloads like Vidar stealer & Ursnif

Read More
vmware-vulnerability

Threat Actors use two-year-old VMware vulnerability for Ransomware

This threat bulletin gives insight into alert raised on threat actors actively exploiting a two-year-old VMware Exsi vulnerability to perform ExsiArgs ransomware attacks.

Read More
bluenoroff-intrusion

BlueNoroff (APT38) adopts new methods for intrusion

This threat bulletin gives insight into APT38 BlueNoroff, a threat group targeting majorly on financial institutions and their attack methodologies

Read More
qakbot-malware

Qakbot malware uses HTML smuggling for attacks

This threat bulletin gives insight into Qakbot malware, an attacker group majorly using HTML smuggling as their attack pattern, identified by Talos researchers

Read More
cuba-ransomware

Advisory issued on Cuba Ransomware

This threat bulletin gives insight into the Cuba ransomware attack group upon whom an advisory was issued by FBI and security agencies

Read More
redigo-malware

Redigo Malware in the Redis server

This threat bulletin gives insight into Redigo Malware detected by the Nautilus research team from Aqua security and the preventive measures to be taken

Read More
hive-threat-ransomware

Hive threat Ransomware group

This threat bulletin gives insight into the Hive threat ransomware group, who targeted more than 1300 companies acquiring 100 million USD approximately

Read More
dev-056-threat-group

DEV-056 finds new ways to deliver Royal ransomware

This threat bulletin gives insight into the threat group DEV-0569, finding new ways to deliver royal ransomware upon which MSTC has published a blog

Read More
icexloader-malware

IceXLoader Malware 3.3.3 actively used in phishing campaigns

This threat bulletin gives insight into the new version of IcexLoader malware which was actively used in phishing campaigns, its detection & preventive measures

Read More
daixin-team-ransomware

Daixin Team Ransomware targeting multiple organizations

This threat bulletin gives insight into a Ransomware group, Daixin team, that has been targeting organizations since June 2022 & its prevention

Read More
firefox-multiple-vulnerability

Multiple high severity vulnerability in Firefox

This threat bulletin gives insight into the multiple high to low-severity vulnerabilities seen in Mozilla products and their prevention

Read More
alchimist-and-insekt

New attack framework Alchimist and Insekt in wild

This threat bulletin gives insight into a new attack framework and malware Insekt discovered by the researchers of Cisco's Talos along with preventive measures

Read More
fortinet-products-vulnerability

Critical Remote Authentication Vulnerability in Fortinet Products

This threat bulletin gives insight into the critical vulnerabilities seen in multiple Fortinet products along with the preventative measures to be followed

Read More
microsoft-exchange-vulnerability

Zero-Day Vulnerabilities in Microsoft Exchange Server

This threat bulletin gives insight into the various Zero-day vulnerabilities found in Microsoft Exchange Servers and ways to mitigate & detect them

Read More
sophos-firewall-vulnerability

Critical Code injection vulnerability in Sophos Firewall

This threat bulletin gives insight into the exploitation of code injection vulnerability in the user portal and web admin of Sophos firewall and its prevention

Read More
zoom-application-vulnerability

Multiple High Severity Vulnerabilities in Zoom Application

This threat bulletin gives insight into the high-severity vulnerabilities discovered in Zoom which can cause unauthorized disruptions & the preventive measures

Read More
shikitega-malware

Shikitega Malware targeting endpoint devices running on Linux OS

This threat bulletin gives insight into the newly discovered malware Shikitega that actively targets endpoint devices running on Linux operating systems

Read More
chromium-based-browsers-vulnerability

High Severity Vulnerability in Chromium based Browsers

This threat bulletin gives insight into the Zero-day vulnerability identified in chrome and chromium based browsers like Microsoft Edge and ways to prevent them

Read More
gitlab-critical-vulnerability

Critical vulnerability in Gitlab- Remote Code Execution

This threat bulletin gives insight into the Remote Code Execution Vulnerability, a critical vulnerability found in GitLab, & its preventative measures

Read More
zeppelin-ransomware

Zeppelin Ransomware demands ransom in bitcoin

This threat bulletin gives insight into Zeppelin Ransomware, a RaaS, that targets various organizations, and how to detect them

Read More
rapperbot-malware

Rapperbot malware targeting SSH servers

This threat bulletin gives insight into a rapidly evolving malware Rapperbot upon which Fortinet had published a blog and on ways to detect them

Read More
lockbit-3-0-ransomware

Lockbit 3.0 Ransomware found by security researchers

This threat bulletin gives insight into Lockbit 3.0 Ransomware, found by the security researchers of SentinelOne, and ways to detect them

Read More
havanacrypt-ransomware

Havana Crypt Ransomware posed as a Google software update

This threat bulletin gives insight into HavanaCrypt, a ransomware that poses itself as a Google software update, along with the required prevention protocols

Read More
google-chrome-vulnerability

Google Chrome Zero-day Vulnerability

This threat bulletin gives insight into Google Chrome Zero-day vulnerability that can lead to RCE (Remote Code Execution), & how to safeguard yourself.

Read More
raccoon-stealer

Raccoon Stealer back with Version 2.0

This threat bulletin gives insight into the return of a major MaaS, Raccoon Stealer, & the preventive measures that can be taken to protect yourself against it.

Read More
splunk-vulnerability

Arbitrary Code Execution Vulnerability in Splunk Enterprise

This threat bulletin gives insight into the preventive measures that can be taken to address the vulnerability of arbitrary code execution in Splunk Enterprise.

Read More

Get in touch

Send us a Message

Looking for general information or have a specific question. Fill the form below or drop
us a line at susan@positka.com.

Positka uses cookies to provide necessary site functionality and improved experience. By using our website, you agree to our privacy policy.