ALERTS MARCH 2024


| DATE | NAME | INFO | CATEGORY | SUBCATEGORY |
|---|---|---|---|---|
| 30.3.24 | CVE-2024-20767 - Adobe ColdFusion vulnerability | CVE-2024-20767 is a directory traversal vulnerability in Adobe ColdFusion, which is a development platform for building and deploying web and mobile applications. | ALERTS | VULNERABILITY |
| 30.3.24 | Sync-Scheduler Infostealer | An infostealer dubbed Sync-Scheduler, written in C++, has been reported as being distributed concealed within Office document files. | ALERTS | VIRUS |
| 30.3.24 | WarzoneRAT malware re-emerges with new samples | WarzoneRAT (also known as AveMaria) is a commodity Remote Access Trojan variant used by various threat groups in recent years. | ALERTS | VIRUS |
| 30.3.24 | TheMoon malware targets thousands of insecure routers | A new malicious campaign featuring an updated version of TheMoon, a notorious malware family, has been reported. This latest variant of TheMoon appears to target insecure outdated home routers, | ALERTS | VIRUS |
| 30.3.24 | Beware of FlightNight | A new threat actor has been observed using similar Tactics, Techniques and Procedures (TTPs) to recent Go-Stealer campaigns targeting Indian government entities. | ALERTS | VIRUS |
| 28.3.24 | Dropper disguised as legitimate PuTTY Software | A threat actor has been reported purchasing an ad claiming to be the PuTTY homepage. This ad appeared at the top of the Google search results page, although it has since been removed. It appeared just before the official PuTTY website. | ALERTS | VIRUS |
| 28.3.24 | Mispadu Stealer extends its reach | Mispadu Stealer (also known as Ursa) has shown increased activity in recent distribution campaigns. | ALERTS | VIRUS |
| 28.3.24 | Qilin ransomware remains an active threat in the landscape | Qilin, also known as Agenda, is a Rust-based ransomware variant discovered in 2022. The malware has been spreading actively in the wild in recent months, with ongoing developments evident in new versions. | ALERTS | RANSOM |
| 28.3.24 | SnowLight downloader spread in campaigns exploiting F5 BIG-IP and ScreenConnect vulnerabilities | Recent malicious campaigns attributed to the UNC5174 threat group have been reported to exploit F5 BIG-IP (CVE-2023-46747) and ConnectWise ScreenConnect (CVE-2024-1709) vulnerabilities for malware delivery. | ALERTS | VIRUS |
| 27.3.24 | Stately Taurus APT Campaign Targeting Asian Countries | Researchers observed a recent Stately Taurus (aka Mustang Panda) APT campaign, targeting Asian countries, during an ASEAN-Australia Special Summit held just this month. | ALERTS | APT |
| 27.3.24 | VCURMS and STRRAT being delivered via links in spam messages | A Java downloader has been discovered delivering the VCURMS and STRRAT remote access trojans. This downloader is deployed via email with links to malicious JAR files. These two RATs will then download a modified Rude Stealer and keylogger for data exfiltration. | ALERTS | VIRUS |
| 26.3.24 | VCURMS and STRRAT being delivered via links in spam messages | A Java downloader has been discovered delivering the VCURMS and STRRAT remote access trojans. This downloader is deployed via email with links to malicious JAR files. These two RATs will then download a modified Rude Stealer and keylogger for data exfiltration. | ALERTS | VIRUS |
| 26.3.24 | New backdoor WineLoader | Phishing attacks impersonating political parties, with a lure inviting diplomats to a wine-tasting event, have been used to deploy WineLoader malware. | ALERTS | VIRUS |
| 26.3.24 | New remote control backdoor leveraging malicious drivers emerges in China | In a recent campaign observed in China, a new remote control backdoor was distributed. | ALERTS | VIRUS |
| 26.3.24 | Emergence of Mirai Nomi in the Threat Landscape | A new Mirai botnet variant, named Mirai Nomi, has emerged in the threat landscape. This variant features modified UPX packing, a time-dependent Domain Generation Algorithm (DGA) for command and control, and multiple encryption and hashing algorithms. | ALERTS | BOTNET |