top of page

Global Cyber ​​Alert: Malware and Critical Vulnerabilities in the Spotlight


En el boletín de seguridad de esta semana se registran amenazas en categorías de Malware de nivel crítico
In this week's security bulletin, threats are recorded in critical-level Malware categories.

In this week's security bulletin, threats are recorded in critical-level Malware categories, as well as Vulnerabilities that compromise Google and Wordpress systems. There is talk of NiceRAT, a RAT and stealer malware developed in Python, it is aimed at users in South Korea. This malware spreads through cracked software and tools that offer fake license verification, using a botnet to distribute the malware.


A China-linked cyber espionage group has also attacked an organization in East Asia using legacy F5 BIG-IP devices. In other malware news, DISGOMOJI, used by the UTA0137 group, attacks government entities in India. Written in Golang, it uses Discord for C2 communication and spreads via phishing attacks.


VMware has disclosed multiple critical vulnerabilities in its vCenter Server platform, allowing remote code execution and privilege escalation. Identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, these flaws expose vCenter Server to attacks via crafted network packets. Another critical vulnerability has been detected in the Woody Code Snippets WordPress plugin that allows remote code execution. This vulnerability affects more than 70,000 websites, allowing authenticated users to execute arbitrary PHP code on the server.


For more details of the weekly newsletter: Clic here


2 views0 comments

Comentários


bottom of page