CIRT Team
in Articles, English articles, News
Egregor Ransomware
Egregor is a ransomware from the Sekhmet malware family that has been active since the middle of September 2020. The ransomware group hacks into companies, steals information, and finally encrypts all the data. The level of sophistication of their attacks, adaptability to infect such a broad range of victims, and significant increase in their activity suggests that Egregor ransomware operators have been developing their malware...
Read More
in Security Advisories & Alerts
A Vulnerability in Mozilla Thunderbird Could Allow for Arbitrary Code Execution
DESCRIPTIONA vulnerability has been discovered in Mozilla Thunderbird, which could allow for arbitrary code execution. Mozilla Thunderbird is an email client. Successful exploitation of this vulnerability could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to...
Read More
in Security Advisories & Alerts
Multiple Vulnerabilities in VMware SD-WAN Orchestrator Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in VMware SD-WAN Orchestrator, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges given to the host machine. Depending on the privileges associated with VMware SD-WAN Orchestrator, an attacker could then install programs; view, change, or delete data; or create...
Read More
in Security Advisories & Alerts
GlobeImposter ransomware
The GlobeImposter ransomware family first appeared around August of 2017. In early 2019, GlobeImposter ransomware underwent extensive modifications, after which the authors re-released it, causing havoc around the world. Ransom.GlobeImposter is a ransomware application that will encrypt files on a victim machine and demand payment to retrieve the information.Ransom.GlobeImposter may be distributed through a malicious spam campaign, recognizable only with their lack of message content...
Read More
in Security Advisories & Alerts
Stantinko Botnet Now Targeting Linux Servers
Stantinko, one of the oldest malware botnets still operating today, has rolled out updates to its class of Linux malware, upgrading its trojan to pose as the legitimate Apache web server process (httpd) in order to make detection harder on infected hosts. According to a new analysis published by Intezer,come to confirm that despite a period of inactivity in regards to code changes, the Stantinko...
Read More
in Security Advisories & Alerts
Threat Alert – ‘CostaRicto’ Hack-for-Hire Mercenary Group : Targets Global Businesses
A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. The BlackBerry Research and Intelligence team have been monitoring a cyber-espionage campaign that is targeting disparate victims around the globe. The campaign, dubbed CostaRicto by BlackBerry, appears to be operated by “hackers-for-hire”, a group of APT mercenaries who possess bespoke malware tooling...
Read More
in Articles, Bangla Articles, News
জাতীয় সাইবার ড্রিল ২০২০, নিবন্ধন শুরু
কম্পিউটার প্রযুক্তির বিপ্লবের সাথে এর নানামুখী ব্যবহারও বাড়ছে । বর্তমানে কম্পিউটার সকল ধরনের দাপ্তরিক কাজের পাশাপাশি শিক্ষা, ব্যাংকিং, চিকিৎসাক্ষেত্রসহ সব ধরনের ব্যবসা পরিচালনা ও এর তথ্য সংরক্ষণে ব্যবহৃত হয়। কম্পিউটারের উৎকর্ষতার পাশাপাশি এর অপব্যবহারও বাড়িয়ে তুলেছে যা সাইবার অপরাধ হিসেবে চিহ্নিত। সাইবার অপরাধ শব্দটি প্রযুক্তি ব্যবহারকারীদের কাছে স্বল্প পরিচিত হলেও প্রযুক্তিবিদদের কাছে এটি অতি পরিচিত ও ভীতিকর শব্দ। এ বিষয়ে জানা না থাকলেও লক্ষ লক্ষ...
Read More
