Ransom & Dark Web Issues Week 4, October 2024

ASEC Blog publishes Ransom & Dark Web Issues Week 4, October 2024. Hacktivist Anonymous Sudan: Indicted by the U.S. Department of Justice; IntelBroker Announces New Post on South Korean Government Agencies and the Ministry of National Defense; Hacking of Servers of Domestic and Foreign Automobile Manufacturers’

BlueKeep Attack Detected by AhnLab EDR

BlueKeep (CVE-2019-0708) is a vulnerability revealed in May 2019, occurring during the Remote Desktop Protocol (RDP) connection process between a client and server. When a client sends a malicious packet through a specific channel (MS_T120), a Use-After-Free vulnerability occurs, allowing remote code execution.[1] This vulnerability has been discussed on the

Analysis Report on the Latest Attack Cases by Kimsuky Group Exploiting PebbleDash and RDP Wrapper

Analysis Overview: AhnLab SEcurity intelligence Center (ASEC) recently identified that the Kimsuky group is using the backdoor PebbleDash and RDP Wrapper in multiple attacks. The threat actor uses LNK during initial access to install PowerShell malware on the infected system. Once this process is complete, they install custom-made remote control

October 24, 2024

Siemens Product Security Update Advisory

Overview: An update has been released to address vulnerabilities in Siemens Products. Users of...

Fortinet Product Security Update Advisory (CVE-2024-47575)

Overview: An update has been released to address vulnerabilities in Fortinet Products. Users of...