DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco SD-WAN vManageSoftware, the most severe of which could allow for arbitrary codeexecution. Cisco SD-WAN provides a centralized management interface ofan organization’s WAN including their cloud and data center environment.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute code on theaffected systems. Depending on the privileges associated with theapplication, an attacker could...
Read More
Transparent Tribe (also known as PROJECTM and MYTHIC LEOPARD) is a very prolific group that is well-known in the cybersecurity industry for its massive espionage campaigns. The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. Transparent Tribe mainly relies on both spear phishing and watering hole attacks to gain its...
Read More
Threat actor group “ALTDOS” operate by accessing and exfiltrating companies databases and have focus mainly on South-East Asia including Bangladesh.“ALTDOS” is known to extort companies for ransom for the data exfiltrated. Not much is known about this group, other than the breach reports. Target sectors: Financial-services,retail,communications,construction,energy,pharmaceuticals,telecommunications External Reference relared to “ALTDOS” threat actor:https://www.databreaches.net/thai-media-and-content-conglomerate-mono-next-public-company-hit-by-altdos-hackers/https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/
DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vRealizeOperations Manager, which could result in remote code execution. VMwarevRealize Operations Manager is an IT management platform which enablesvisibility, optimization and management of an organization’s physical,virtual and cloud infrastructure. This software comes within an APIwhich enables developers to build vRealize Operations Manager clients tocommunicate with the server over HTTP. Successful exploitation of thesevulnerabilities could allow an attacker to...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Jabber the mostsevere of which could allow for arbitrary code execution. Cisco Jabberprovides instant messaging (IM), voice, video, voice messaging, desktopsharing, and conferencing on any device. Successful exploitation of themost severe of these vulnerabilities could allow an unauthenticated,remote attacker to execute code on the affected systems. Depending onthe privileges associated with the application, an attacker could theninstall programs;...
Read More
Click below to download the report:
DESCRIPTION:Multiple vulnerabilities have been discovered in F5 products, the mostsevere of which could allow for remote code execution. * BIG-IP and BIG-IP Advanced WAF/ASM are a family of products coveringsoftware and hardware designed around application availability, accesscontrol, and security solutions.* BIG-IQ enables administrators to centrally manage BIG-IPinfrastructure across the IT landscape. It discovers, tracks, manages,and monitors physical and virtual BIG-IP devices – in the cloud,...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in ArubaNetwork’s InstantAccess Point that could allow for arbitrary code execution. Aruba (aHewlett Packard Enterprise company) is the worldwide second-largestenterprise WLAN vendor. ArubaNetworks Instant Access Point is Wi-Fihardware which virtualizes Aruba Mobility Controller capabilities on802.11 access points (APs). Successful exploitation of thesevulnerabilities could allow an attacker to execute arbitrary code incontext of the user running the application. Depending on the...
Read More
