Cybersec Sentinel

Cybersec Sentinel: 30+ years of IT expertise, delivering clear, actionable cyber security insights.
Advanced Malware SteelFox Uses Windows Vulnerabilities for System Access
Malware
Threat Group: Unknown
Threat Type: Crimeware Bundle (Information Stealer and Cryptominer)
Exploited Vulnerabilities: CVE-2020-14979, CVE-2021-41285
Malware Used: SteelFox
Threat Score: High (8.5/10) — Due to advanced privilege escalation, data theft, and cryptocurrency mining techniques.
Last Threat Observation: November 2024

Overview
SteelFox is a sophisticated malware campaign that combines information-stealing
APT36 Goes Cloudy: ElizaRAT Puts Indian Systems in the Crosshairs
Malware
Threat Group: APT36 (Transparent Tribe)
Threat Type: Remote Access Trojan (RAT)
Exploited Vulnerabilities: Windows, Linux-based espionage with cloud-based C2 communication
Malware Used: ElizaRAT, ApoloStealer
Threat Score: High (8.8/10) — Enhanced evasion and control tactics, leveraging multiple cloud services for concealment
Last Threat Observation: November 2024 (AlienVault, Check Point Research)
Interlock Ransomware Targets FreeBSD and Critical Infrastructure
Ransomware
Threat Group: Interlock
Threat Type: Ransomware
Exploited Vulnerabilities: Network vulnerabilities; FreeBSD and VMware ESXi environments
Malware Used: Interlock ransomware variants for FreeBSD and Windows
Threat Score: High (8.0/10) — due to cross-platform targeting, focus on critical infrastructure, and double-extortion tactics
Last Threat Observation: November 2024

Overview
Interlock ransomware is
Emerging Threat: Play Ransomware Targets Critical Infrastructure
Ransomware
Threat Type: Ransomware
Exploited Vulnerabilities: Microsoft Exchange ProxyNotShell (CVE-2022-41040, CVE-2022-41082), FortiOS vulnerabilities (CVE-2018-13379, CVE-2020-12812), Remote Desktop Protocol (RDP)
Malware Used: Play ransomware encryptor, custom VSS copying tool, Grixba information stealer
Threat Score: Critical (9/10) — Enhanced threat level due to state-backed collaborations and increased targeting of high-value sectors
Last Threat