News - Cybersec Sentinel

News

A collection of 10 posts

GNU Wget Exposed by Malicious URI Handling in CVE-2024-38428

GNU Wget Exposed by Malicious URI Handling in CVE-2024-38428

Threat Group: N/A Threat Type: Software Vulnerability Exploited Vulnerabilities: CVE-2024-38428 Malware Used: N/A Threat Score: High (9.1/10) — Critical vulnerability due to potential for sensitive data exposure, phishing, and man-in-the-middle (MiTM) attacks. Last Threat Observation: June 2, 2024, fix commit pushed; vulnerability classified in August 2024. Overview

Palo Alto Confirms Ongoing Exploits Against PAN OS Management Interfaces

Palo Alto Confirms Ongoing Exploits Against PAN OS Management Interfaces

Threat Group: Unknown Threat Type: Remote Code Execution (RCE) Vulnerability Exploited Vulnerabilities: PAN-OS Firewall Management Interface Malware Used: Web Shells Threat Score: High (9.3/10) — Due to the critical nature of the vulnerability allowing unauthenticated remote command execution. Last Threat Observation: November 16, 2024. Overview Palo Alto Networks has

Bitter APT Resumes Operations with Newly Identified Indicators

Bitter APT Resumes Operations with Newly Identified Indicators

Threat Group: - Bitter APT (also known as APT-17 or "DeputyDog") Threat Type: - Cyber Espionage Exploited Vulnerabilities: - Microsoft Office vulnerabilities (e.g., CVE-2017-11882, CVE-2018-0798, CVE-2018-0802), Zimbra Web Client vulnerabilities Malware Used: - ZxxZ Trojan, Dracarys Android spyware, various custom Remote Access Trojans (RATs), keyloggers, and backdoors

OpenAI Impersonation Scam Puts ChatGPT Users at Risk

OpenAI Impersonation Scam Puts ChatGPT Users at Risk

Threat Group: Unknown Cybercriminals Threat Type: Phishing Attack Exploited Vulnerabilities: Credential Harvesting Malware Used: None detected, phishing-only campaign Threat Score: High (7.5/10) — Due to scale and the use of advanced impersonation tactics. Last Threat Observation: November 2024 Threat Group: Unknown Cybercriminals Threat Type: Phishing Attack Exploited Vulnerabilities: Credential

Phish 'n' Ships Aims to Disrupt the Global Shipping Industry

Phish 'n' Ships Aims to Disrupt the Global Shipping Industry

Threat Type: - Phishing and Credential Theft Exploited Vulnerabilities: - Human Error via Phishing Attacks Malware Used: - None specified (primarily credential-harvesting techniques) Threat Score: - Moderate to High (7.5/10) — The campaign targets the maritime sector, a critical infrastructure, with phishing designed to penetrate operational technology (OT) networks.

Intel and AMD Face Renewed Threat From Spectre Exploits

Vulnerabilities

Intel and AMD Face Renewed Threat From Spectre Exploits

Threat Group: N/A (Multiple Research Teams) Threat Type: Speculative Execution Vulnerability Bypass Exploited Vulnerabilities: CVE-2023-38575 (Intel), CVE-2022-23824 (AMD) Malware Used: N/A (Exploit technique) Threat Score: High (8.5/10) — Due to its ability to bypass significant speculative execution mitigations in widely used CPUs. Last Threat Observation: October 18,

IntelBroker Targets Cisco in High-Impact Data Breach

IntelBroker Targets Cisco in High-Impact Data Breach

Threat Group: IntelBroker Threat Type: Data Breach, Espionage Exploited Vulnerabilities: Third-party DevOps provider involvement, hard-coded credentials, API tokens Malware Used: N/A Threat Score: High (9.0/10) — Significant exposure of source code, credentials, and customer data Last Threat Observation: October 6, 2024 Overview IntelBroker, in collaboration with EnergyWeaponUser and

The Dark Side of AI: How Cybercriminals Are Exploiting ChatGPT for Cyberattacks

The Dark Side of AI: How Cybercriminals Are Exploiting ChatGPT for Cyberattacks

OpenAI recently released an in-depth report on the misuse of its AI models, specifically ChatGPT, by cyber threat groups. This report sheds light on how cybercriminals have exploited AI tools to enhance their operations, targeting sectors from social media influence to malware development. OpenAI’s findings are a stark reminder

Minecraft Under Siege: Record-Breaking 3.15 Billion Packet DDoS Attack Marks a New Era of Cyber Threats

Minecraft Under Siege: Record-Breaking 3.15 Billion Packet DDoS Attack Marks a New Era of Cyber Threats

Threat Details: * Threat Group: Unknown (Utilised multiple botnets) * Threat Type: Distributed Denial of Service (DDoS) * Exploited Vulnerabilities: Devices vulnerable to CVE-2023-2231 (e.g., DrayTek Vigor routers, Hikvision IP cameras) * Malware Used: Not specified, but botnets were leveraged * Threat Score: High (9/10) — Due to the unprecedented packet rate and multi-vector

Cybersec Sentinel Is Back—and Better Than Ever!

Cybersec Sentinel Is Back—and Better Than Ever!

After a week of being offline, we’re thrilled to announce that Cybersec Sentinel is back, stronger, and more secure than ever before! This wasn’t just a routine update—this was a strategic overhaul to ensure that Cybersec Sentinel can continue to be your trusted source for cybersecurity advisories