Cybersec Sentinel - Cybersec Sentinel (Page 5)

Cybersec Sentinel

Cybersec Sentinel: 30+ years of IT expertise, delivering clear, actionable cyber security insights.

Palo Alto Confirms Ongoing Exploits Against PAN OS Management Interfaces

Palo Alto Confirms Ongoing Exploits Against PAN OS Management Interfaces

Threat Group: Unknown Threat Type: Remote Code Execution (RCE) Vulnerability Exploited Vulnerabilities: PAN-OS Firewall Management Interface Malware Used: Web Shells Threat Score: High (9.3/10) — Due to the critical nature of the vulnerability allowing unauthenticated remote command execution. Last Threat Observation: November 16, 2024. Overview Palo Alto Networks has

Vietnamese Hackers Use Python Based PXA Stealer for Sensitive Data Theft

Vietnamese Hackers Use Python Based PXA Stealer for Sensitive Data Theft

Threat Group: Vietnamese-speaking threat actors (linked to CoralRaider and Lone None) Threat Type: Information Stealer Exploited Vulnerabilities: Targets sensitive data including credentials, VPNs, FTP clients, browser cookies, and gaming platforms Malware Used: PXA Stealer Threat Score: High (9.0/10) — Comprehensive data theft capabilities and strong targeting focus on government

Iranian Hackers Deploy WezRat in Targeted Phishing Campaigns

Iranian Hackers Deploy WezRat in Targeted Phishing Campaigns

Threat Group: - Emennet Pasargad (Cotton Sandstorm) Threat Type: - Remote Access Trojan (RAT) / Infostealer Exploited Vulnerabilities: - Social engineering through phishing campaigns Malware Used: - WezRat Threat Score: - High (8.5/10) — Due to its modular design, advanced espionage capabilities, and targeted nature. Last Threat Observation: - November

HawkEye Malware Continues to Threaten Organizations with Advanced Evasion

HawkEye Malware Continues to Threaten Organizations with Advanced Evasion

Threat Group: Various Cybercriminal Actors Threat Type: Information-Stealing Malware Exploited Vulnerabilities: Primarily delivered via phishing emails and "free" software disguised as malware; also targets vulnerabilities in Microsoft Office to execute malicious code. Malware Used: HawkEye, also known as PredatorPain Threat Score: High (8.5/10) — Given its long

Iranian Hackers Use GitHub and Phishing to Evade Detection in SnailResin Attack

Iranian Hackers Use GitHub and Phishing to Evade Detection in SnailResin Attack

Threat Group: Smoke Sandstorm (also tracked as TA455) Threat Type: Trojan Loader Exploited Vulnerabilities: Phishing and social engineering tactics Malware Used: SnailResin (loader), SlugResin (backdoor) Threat Score: High (8.5/10) — Due to advanced delivery techniques, cross-industry targeting, and evasive C2 methods Last Threat Observation: November 14, 2024. Overview The

Bitter APT Resumes Operations with Newly Identified Indicators

Bitter APT Resumes Operations with Newly Identified Indicators

Threat Group: - Bitter APT (also known as APT-17 or "DeputyDog") Threat Type: - Cyber Espionage Exploited Vulnerabilities: - Microsoft Office vulnerabilities (e.g., CVE-2017-11882, CVE-2018-0798, CVE-2018-0802), Zimbra Web Client vulnerabilities Malware Used: - ZxxZ Trojan, Dracarys Android spyware, various custom Remote Access Trojans (RATs), keyloggers, and backdoors

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Threat Group: Unidentified Threat Actor Threat Type: Ransomware, Info-Stealer Exploited Vulnerabilities: Common file encryption mechanisms, credential theft techniques Malware Used: Ymir Ransomware, RustyStealer Threat Score: High (8.2/10) — Due to its dual-impact functionality that combines data theft with ransomware encryption. Last Threat Observation: November 10, 2024 Overview A newly

Advanced Malware SteelFox Uses Windows Vulnerabilities for System Access

Advanced Malware SteelFox Uses Windows Vulnerabilities for System Access

Threat Group: Unknown Threat Type: Crimeware Bundle (Information Stealer and Cryptominer) Exploited Vulnerabilities: CVE-2020-14979, CVE-2021-41285 Malware Used: SteelFox Threat Score: High (8.5/10) — Due to advanced privilege escalation, data theft, and cryptocurrency mining techniques. Last Threat Observation: November 2024 Overview SteelFox is a sophisticated malware campaign that combines information-stealing

AndroxGh0st Malware Evolves to Target IoT and Critical Infrastructure

AndroxGh0st Malware Evolves to Target IoT and Critical Infrastructure

Threat Group: Unknown Threat Type: Malware/Botnet Exploited Vulnerabilities: CVE-2017-9841, CVE-2018-15133, CVE-2021-41773 Malware Used: AndroxGh0st Threat Score: High (8.5/10) — Due to its focus on critical infrastructure, advanced exploitation techniques, and integration with other botnets. Last Threat Observation: November 8 Overview AndroxGh0st is a Python-based malware that has evolved

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Cybersec Sentinel November 9, 2024 Threat Group: Various Cybercriminal Entities Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Phishing emails, CVE-2017-0199, multi-layer obfuscation Malware Used: Remcos RAT Threat Score: Medium Last Threat Observation: November 9, 2024 Overview Remcos RAT, a commercial RAT initially marketed as a legitimate tool for remote