Threat Bounty Program Digest — July 2024 Results
Detection Content Creation, Submission & Release Members of the Threat Bounty community continue to explore and leverage the potential of…
Threats
Zola Ransomware Detection: Proton Family Evolves with a New Ransomware Variant Featuring a Kill Switch
Following in-the-wild attacks exploiting CVE-2024-37085 by diverse ransomware gangs, defenders encounter a new variant of the nefarious Proton ransomware family…
Fighting Ursa (aka APT28) Attack Detection: Adversaries Target Diplomats Using a Car for Sale as a Phishing Lure to Spread HeadLace Malware
The nefarious russian state-sponsored APT28 hacking collective, also known as Fighting Ursa, is coming into the spotlight. Since early spring…
CVE-2024-37085 Detection: Ransomware Groups Actively Exploit a Newly Patched Vulnerability in VMware ESXi Hypervisors to Gain Full Administrative Privileges
A couple of weeks after the disclosure of CVE-2024-38112, a critical vulnerability exploited by the Void Banshee group to deploy…
Andariel Attack Detection: FBA, CISA, and Partners Warn of an Increasing Global Cyber-Espionage Campaign Linked to the North Korean State-Sponsored Group
The FBI, CISA, and leading cybersecurity authorities have issued a warning over growing North Korean cyber-espionage operations linked to the…
What Is the Vulnerability Management Lifecycle?
The vulnerability management lifecycle is an essential process for defending against the escalating number of cyber threats in our modern…
Akira Ransomware Group Is on the Rise: Hackers Target the Airline Industry in LATAM
Cybersecurity researchers have recently observed a new cyber attack on a Latin American airline leveraging Akira ransomware. The attackers took…
UAC-0102 Phishing Attack Detection: Hackers Steal Authentication Data Impersonating the UKR.NET Web Service
Leveraging public email services along with corporate email accounts is a common practice among government employees, military personnel, and the…
UAC-0057 Attack Detection: A Surge in Adversary Activity Distributing PICASSOLOADER and Cobalt Strike Beacon
Defenders have observed a sudden surge in the adversary activity of the UAC-0057 hacking group targeting Ukrainian local government agencies.…
UAC-0063 Attack Detection: Hackers Target Ukrainian Research Institutions Using HATVIBE, CHERRYSPY, and CVE-2024-23692
Since the outbreak of the full-scale war in Ukraine, cyber defenders have identified the growing volumes of cyber-espionage campaigns aimed…