Cybersec Sentinel

Cybersec Sentinel: 30+ years of IT expertise, delivering clear, actionable cyber security insights.
Espionage and Influence Meet Malware in UNC5812's Campaign Against Ukraine
Malware

Threat Group: UNC5812
Threat Type: Hybrid Espionage and Influence Operation
Exploited Vulnerabilities: Android and Windows vulnerabilities, including CVE-2024-47575
Malware Used: SUNSPINNER, PURESTEALER, CRAXSRAT, Pronsis Loader
Threat Score: High (8.5/10) — due to multifaceted espionage and influence tactics targeting military sectors.
Last Threat Observation: October 29, 2024
Overview
UNC5812, a
2 min read
Docker Security Alert as TeamTNT Deploys Rootkits and Cryptominers
Malware

Threat Group: TeamTNT
Threat Type: Cryptojacking, Cloud Container Exploitation
Exploited Vulnerabilities: Misconfigured Docker APIs, SSH vulnerabilities in cloud environments
Malware Used: Custom cryptomining scripts, Tsunami malware, Diamorphine rootkit
Threat Score: Critical (9/10) — due to sophisticated, automated methods targeting widespread containerized and cloud infrastructures
Last Threat Observation: October 2024, by
2 min read
SocGholish and FakeUpdate Evolved Threats in Browser-Based Attacks
Malware

Threat Group: TA569 (SocGholish operators)
Threat Type: Malware Delivery via Fake Update Alerts
Exploited Vulnerabilities: Compromised websites with JavaScript injection
Malware Used: SocGholish (FakeUpdate), NetSupport RAT, Raspberry Robin Worm
Threat Score: High (8.5/10) — Effective social engineering with broad targeting and advanced persistence techniques
Last Threat Observation: October 2024
4 min read
Akira Ransomware Adapts Its Tactics to Exploit Major Vulnerabilities in 2024
Ransomware

Threat Group: Akira Ransomware
Threat Type: Ransomware
Exploited Vulnerabilities: CVE-2024-40766 (SonicWall), CVE-2020-3259 (Cisco), CVE-2023-20263 (Cisco), CVE-2023-20269 (Cisco), CVE-2023-27532 (Veeam), CVE-2023-48788 (Ubuntu), CVE-2024-37085 (SAP), CVE-2024-40711 (Microsoft)
Malware Used: Akira, Megazord
Threat Score: 8.5/10
Last Threat Observation: October 22, 2024 (Resurfaced)
Overview
Akira ransomware has resurfaced with advanced capabilities, exploiting
2 min read