What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
Blog.webp 2024-07-31 15:00:00 VMware Product Security Update Advisory (CVE-2024-37085) (lien direct) Aperçu & # 160;VMware a publié des mises à jour pour corriger les vulnérabilités de leurs produits.Il est conseillé aux utilisateurs de versions affectées de mettre à jour la dernière version.& # 160;Produits affectés & # 160;CVE-2024-37085 VMWare ESXi Version: 8.0 VMware ESXi Version: 7.0 VMware Cloud Foundation Version: 5.x VMWare Cloud Foundation Version: 4.x & # 160;Vulnérabilités résolues & # 160;Vulnérabilité de contournement d'authentification (CVE-2024-37085) [& # 8230;]
Overview   VMware has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.   Affected Products   CVE-2024-37085 VMware ESXi version: 8.0 VMware ESXi version: 7.0 VMware Cloud Foundation version: 5.X VMware Cloud Foundation version: 4.X   Resolved Vulnerabilities   Authentication bypass vulnerability (CVE-2024-37085) […]		 Vulnerability Cloud
Blog.webp 2024-07-31 15:00:00 Ewelink Product Security Update Advisory (CVE-2024-7205) (lien direct) Aperçu & # 160;Ewelink a publié une mise à jour pour aborder une vulnérabilité dans leur produit.Il est conseillé aux utilisateurs de versions affectées de mettre à jour la dernière version.& # 160;Produits affectés & # 160;CVE-2024-7205 Ewelink Cloud Service HomePage Module Versions: 2.0.0 (inclusive) ~ 2.19.0 (exclusive) & # 160;& # 160;Vulnérabilités résolues & # 160;Vulnérabilité dans le module de page d'accueil de l'Ewelink [& # 8230;]
Overview   eWeLink has released an update to address a vulnerability in their product. Users of affected versions are advised to update to the latest version.   Affected Products   CVE-2024-7205 eWeLink Cloud Service homepage module versions: 2.0.0 (inclusive) ~ 2.19.0 (exclusive)     Resolved Vulnerabilities   Vulnerability in the homepage module of the eWeLink […]		 Vulnerability Cloud
Blog.webp 2024-06-11 00:44:51 Attaques aptes utilisant le stockage cloud
APT Attacks Using Cloud Storage (lien direct)		 Ahnlab Security Intelligence Center (ASEC) a partagé des cas d'attaques dans lesquels les acteurs de la menace utilisent des services de cloud telsEn tant que Google Drive, OneDrive et Dropbox pour collecter des informations utilisateur ou distribuer des logiciels malveillants.[1] [2] [3] & # 160; Les acteurs de la menace télécharge principalement des scripts malveillants, des souches de logiciels malveillants de rat et des documents de leurre sur les serveurs cloud pour effectuer des attaques.Les fichiers téléchargés fonctionnent systématiquement et effectuent divers comportements malveillants.Le processus du premier fichier de distribution à l'exécution des logiciels malveillants de rat est le suivant: dans tel ...
AhnLab SEcurity intelligence Center (ASEC) has been sharing cases of attacks in which threat actors utilize cloud services such as Google Drive, OneDrive, and Dropbox to collect user information or distribute malware. [1][2][3] The threat actors mainly upload malicious scripts, RAT malware strains, and decoy documents onto the cloud servers to perform attacks. The uploaded files work systematically and perform various malicious behaviors. The process from the first distribution file to the execution of RAT malware is as follows: In such... 		Malware Threat Cloud ★★
Blog.webp 2023-03-28 01:05:56 Emotet est distribué via onenote [Emotet Being Distributed via OneNote] (lien direct) Ahnlab Security Emergency Response Center (ASEC) a récemment découvert la distribution d'Emotet distribuée via OneNote.Un e-mail de phishing de lance comme ci-dessous avec un fichier OneNote invite le lecteur à ouvrir la pièce jointe qui contient un fichier de script malveillant (fichier JS).Lors de l'exécution du fichier OneNote, il ordonne à l'utilisateur de cliquer sur le bouton pour se connecter au cloud pour ouvrir le document.Ceci & # 8216; Suivant & # 8217;Le bouton est inséré avec un script malveillant nommé output1.js.Comme indiqué ci-dessous, le ...
AhnLab Security Emergency response Center (ASEC) has recently discovered the distribution of Emotet being distributed via OneNote. A spear phishing email as below attached with a OneNote file prompts the reader to open the attachment which contains a malicious script file (JS file). Upon running the OneNote file, it directs the user to click the button to connect to the cloud to open the document. This ‘Next’ button is inserted with a malicious script named output1.js. As shown below, the... 		Cloud
Blog.webp 2023-03-08 23:30:00 CHM Malware Disguised as Security Email from a Korean Financial Company: Redeyes (Scarcruft) (lien direct) The ASEC (AhnLab Security Emergency response Center) analysis team has discovered that the CHM malware, which is assumed to have been created by the RedEyes threat group (also known as APT37, ScarCruft), is being distributed to Korean users. The team has confirmed that the command used in the “2.3. Persistence” stage of the RedEyes group’s M2RAT malware attack, which was reported back in February, has the same format as the command used in this attack. This information, as well as... Malware Threat Cloud APT 37 ★★
Blog.webp 2023-02-21 01:00:00 HWP Malware Using the Steganography Technique: RedEyes (ScarCruft) (lien direct) In January, the ASEC (AhnLab Security Emergency response Center) analysis team discovered that the RedEyes threat group (also known as APT37, ScarCruft) had been distributing malware by exploiting the HWP EPS (Encapsulated PostScript) vulnerability (CVE-2017-8291). This report will share the RedEyes group’s latest activity in Korea. 1. Overview The RedEyes group is known for targeting specific individuals and not corporations, stealing not only personal PC information but also the mobile phone data of their targets. A distinct characteristic of the... Malware Vulnerability Threat Cloud APT 37 ★★★
Last update at: 2024-08-03 08:19:01
See our sources.
My email:

To see everything: RSS Twitter