Cybersec Sentinel (Page 3)

MedusaLocker Variant ETHAN Deploys Stronger Encryption and Data Theft

MedusaLocker Variant ETHAN Deploys Stronger Encryption and Data Theft

Threat Group: MedusaLocker Threat Type: Ransomware Exploited Vulnerabilities: No specific vulnerabilities identified; relies on common malware distribution methods Malware Used: ETHAN Ransomware (variant of MedusaLocker) Threat Score: High (9.0/10) – Due to its double-extortion tactics, data encryption capabilities, and impact on critical business operations. Last Threat Observation: March 02,

Auto-Color Linux Malware Deploys Newly Detected Zero-Day

Auto-Color Linux Malware Deploys Newly Detected Zero-Day

Threat Group – BlackCrescent Threat Type – Linux Malware Exploited Vulnerabilities – CVE-2025-1023, CVE-2024-3375, Possible Zero-Day Malware Used – Auto-Color Threat Score – High (8.6/10) Last Threat Observation – February 27, 2025 Overview Auto-Color is a Linux malware strain first identified in early November 2024. Rapidly gaining traction due to its advanced persistence, obfuscation

FatalRAT Phishing Attacks Targeting APAC Industrial Sectors

FatalRAT Phishing Attacks Targeting APAC Industrial Sectors

Threat Group: Unattributed Chinese-speaking Threat Actors Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: No specific software vulnerabilities exploited; relies on social engineering and phishing techniques Malware Used: FatalRAT Threat Score: High (8.5/10) – Due to its sophisticated multi-stage infection chain, targeting of critical industrial sectors, and advanced evasion

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Astaroth Phishing Kit Exploits 2FA Weaknesses in Gmail and O365

Threat Group: Unknown Threat Type: Phishing Kit Exploited Vulnerabilities: Session Hijacking, Reverse Proxy Techniques Malware Used: Astaroth Phishing Kit Threat Score: High (8.9/10) – Due to its sophisticated methods of bypassing two-factor authentication (2FA) and real-time credential interception, posing significant risks to user accounts. Last Threat Observation: February 26

Snake Keylogger Evolves with Advanced Obfuscation Techniques

Snake Keylogger Evolves with Advanced Obfuscation Techniques

Threat Group: Unidentified Cybercriminal Group Threat Type: Keylogger/Information Stealer Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on social engineering and phishing techniques Malware Used: Snake Keylogger (New Variant) Threat Score: High (8.5/10) – Due to its advanced obfuscation techniques, persistence mechanisms, and widespread targeting Last Threat Observation: February

The New Ransomware Menace Vgod Gains Momentum

The New Ransomware Menace Vgod Gains Momentum

Threat Group – Vgod Crew Threat Type – Ransomware Exploited Vulnerabilities – Unpatched remote code execution flaws, vulnerabilities in VPNs, weak passwords Malware Used – Vgod Ransomware, Custom Trojanized Toolsets Threat Score – High (8.7 out of 10) – Reflecting advanced encryption, double extortion tactics, cross-platform targeting, and alignment with broader ransomware trends Last Threat

Google Calendar Vulnerability Exposes Users to Phishing

Google Calendar Vulnerability Exposes Users to Phishing

Threat Group: - Unknown Threat Actors Threat Type: - Phishing/Malware Distribution Exploited Vulnerabilities: - Social engineering via calendar invitations Malware Used: - Various malware strains delivered through phishing links Threat Score: - Medium (7.2/10) – Exploits user trust in a widely used platform and bypasses traditional email security.

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

Threat Group: REF7707 Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Abuse of Microsoft Graph API, Credential Theft via NTLM Hashes Malware Used: FINALDRAFT, PATHLOADER Threat Score: High (8.5/10) – Due to its advanced evasion techniques, use of legitimate cloud-based services for C2 communication, and its ability to compromise

The AI Deception: How Poisoned LLMs Can Trigger System Outages

The AI Deception: How Poisoned LLMs Can Trigger System Outages

Large Language Models (LLMs), a type of AI model, are rapidly changing the landscape of cybersecurity. These sophisticated algorithms can analyse vast amounts of data, identify patterns, and generate responses with remarkable accuracy. However, this reliance on AI also introduces new vulnerabilities. One of the most concerning is the potential

SystemBC RAT Poses New Risks to Linux System

SystemBC RAT Poses New Risks to Linux System

Threat Group: Various Cybercriminal Groups Threat Type: Remote Access Trojan (RAT) and Proxy Malware Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on various propagation methods Malware Used: SystemBC (also known as Coroxy or DroxiDat) Threat Score: High (8.5/10) – Due to its cross-platform targeting capabilities, advanced evasion techniques, and