Broadcom Product Security Update Advisory (CVE-2025-22230)
Overview We have released a security update to fix vulnerabilities in Broadcom products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-22230 VMware Tools for Windows 12.xx.xx Versions VMware Tools for Windows 11.xx.xx Versions Resolved Vulnerabilities Authentication Bypass Vulnerability (CVE-2025-22230)
Ransom & Dark Web Issues Week 4, March 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, March 2025 * New ransomware group Arkana Security claims attack on a US telecommunications company. * New ransomware group Frag claims attacks on 27 companies located in the US,
Mozilla Products March 2025 1st Security Update Advisory
Overview An update has been made available to address a vulnerability in Mozilla products (Firefox, Firefox ESR versions). users of affected products are advised to update to the latest version. Affected Products Firefox 136.0.4 Firefox ESR 115.21.1 Firefox ESR 128.8.1 and earlier Resolved Vulnerabilities Critical
Mark of the Web (MoTW) Bypass Vulnerability
Overview Mark of the Web (MoTW) is a Windows feature that identifies files downloaded from the Internet and displays a security warning, as well as restricts the files to be executed with a warning message or in a protected mode. However, threat actors have been bypassing Mark of the Web
March 27, 2025
March 27, 2025 Hash 1e048b2292dffc743e8d8cc3bf3ee70c5 2981a248251067f2a970b365eee0d6087 35328df15b6a09836be4c05308955dc16 URL 1https[:]//4ad74aab[.]xyz/index[.]php 2http[:]//2xn7ko[.]weebly[.]com/ 3http[:]//117[.]95[.]62[.]248[:]51952/bin[.]sh IP 152[.]183[.]128[.]237 2125[.]124[.]209[.]172 3172[.]174[.]5[.]146...
March 26, 2025
March 26, 2025 Hash 1d8f8368503dad2f8532ac240b20b4038 2b209b97a0e742220e8ff6de03a6f4a2c 32063ad5b2630adf35f121789790a4e84 URL 1https[:]//milleniumplazasuites[.]mx/34356643build/vps[.]html 2http[:]//101[.]108[.]104[.]145[:]60228/bin[.]sh 3http[:]//222[.]137[.]118[.]251[:]55549/Mozi[.]m IP 1166[.]1[.]131[.]223 2140[.]240[.]116[.]92 3140[.]240[.]116[.]91...
Weekly Detection Rule (YARA and Snort) Information – Week 4, March 2025
The following is the information on Yara and Snort rules (week 4, March 2025) collected and shared by the AhnLab TIP service. 10 YARA Rules Detection name Description Source PK_Alibaba_whizkossy Phishing Kit impersonating Alibaba https://github.com/t4d/PhishingKit-Yara-Rules PK_Caixa_db Phishing Kit impersonating Caixa Bank https://github.com/t4d/PhishingKit-Yara-Rules PK_MBHBank_takare Phishing Kit impersonating MBH Bank from Hungary
March 25, 2025
March 25, 2025 Hash 177162dba125e061e9e86ce77023722dc 26d25d0b6a28b5f12e073f5afb099605d 3398ab46e27982dfd2028bf42f4832fa8 URL 1http[:]//176[.]65[.]144[.]3/host/POPO[.]ps1 2http[:]//malenatango[.]ru/wp-content/uploads/2022/06/Diskovery[.]pdf 3http[:]//url1[.]io/TBiHD IP 1158[.]51[.]126[.]147 2189[.]142[.]104[.]108 361[.]52[.]168[.]95...
Veeam Product Security Update Advisory (CVE-2025-23120)
Overview We have released a security update to fix vulnerabilities in Veeam products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-23120 Veeam Backup & Replication 12.3.0.310 and earlier versions Resolved Vulnerabilities Remote code execution vulnerability in Veeam Backup &
HancomWith, LaonSecure, and Innyline Products Security Update Recommendations
Overview We have released security updates to fix vulnerabilities in HancomWith, Raonsecure, and Inniline products. All users and representatives of organizations operating these S/W should update to the latest version according to the solution. Affected Products AnySign4PC 1.1.4.3 and earlier versionsTouchEn nxKey 1.0.0.89 and earlier versionsCrossEX 1.0.2.16 and earlier
