Cisco Webex Meetings Desktop App Vulnerability

Avertium Threat Report

Cisco Webex Meetings Desktop App Vulnerability Overview

This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263. Because of its high severity impact, CVE-2020-3263 has been given a 7.5 base CVSS Score. Exploitation of this vulnerability could allow a remote unauthenticated attacker to execute programs on an end-user’s system. […]

New FK_Undead Malware Modules

Avertium Threat Report

Overview of New FK_Undead Malware Modules

This threat report is about a set of new modules added to the FK_Undead malware and provides actionable intelligence to protect against this threat. The modules can bypass standard host-based security software suites with ease. The malware itself is highly modular and can adapt to any environment rather quickly. […]

Recent Surge in Two WordPress Attacks

Avertium Threat Report

Overview of WordPress Attacks on the Rise

This threat report is about a recent surge in two types of attacks against websites running the WordPress content management system (CMS). WordPress is the most popular CMS and runs on millions of websites. Over the past six weeks sources have reported increased malicious traffic against WordPress sites. […]

VMware Tools Vulnerability Allows Administrative Access

Avertium Threat Report

Overview of VMware Vulnerability CVE-2020-3957

This threat report is about a VMware local privilege escalation vulnerability referred to as CVE-2020-3957. Exploitation of this VMware Tools vulnerability could allow an attacker to gain administrative-level privileges on a system. Patches are available to remediate this VMware security vulnerability in the affected products.

VMware Vulnerability CVE-2020-3957 Tactics, […]

Ragnar Locker Ransomware New Evasion Technique

Avertium Threat Report

Overview of Ragnar Locker Ransomware New Evasion Technique

This threat report is about the Ragnar Locker ransomware and a new defense evasion technique used by the unnamed threat actor behind it. The group has appeared more active in recent months and has recently been seen installing virtual machines on devices to avoid detection of the […]

Ramsay Malware Targets Windows OS

Avertium Threat Report

Ramsay Malware Framework Overview

This threat report is about a malware framework used to gather and steal valuable intelligence on systems for espionage-related reasons. The framework, called Ramsay, is built to collect useful data on targets regardless of whether the system is air-gapped or not. The malware is built to affect hosts that run […]

Critical Palo Alto Firewall Vulnerabilities Identified

Avertium Threat Report

Palo Alto Firewall Vulnerabilities Overview

This threat report is about a series of critical Palo Alto firewall vulnerabilities that affect elements of the software suite. The major vulnerabilities are referred to as the following with varying degrees of severity: PAN-SA-2020-0005 PAN-OS, PAN-SA-2020-0006 PAN-OS, CVE-2020-2018, and CVE-2020-2005. These vulnerabilities affect either the PAN-OS, Panorama, or the […]

Newly Discovered SolarWinds MSP Vulnerability Presents Nation State Threat

Avertium Threat Report

Overview of the SolarWinds MSP Vulnerability

This threat report is about a recently discovered vulnerability found in the SolarWinds MSP patch management engine (PME). This vulnerability is noteworthy but has only been tested in a theoretical setting. The security community has assigned the identifier CVE-2020-12608. There is a patch available which can be pulled down […]

VMware ESXi Vulnerability Allows Malicious Code Injection

Avertium Threat Report

CVE-2020-3955 Overview

This report is about a vulnerability found in the VMware ESXi software known as CVE-2020-3955. The vulnerability is caused by the improper validation of user-supplied inputs. The software flaw exists in VMware ESXi versions 6.5 and 6.7 with patches available for both versions. This vulnerability exists in the Virtual Machine Attribute Viewer in […]

New Spear Phishing Attacks Use Fake O365 Link to Gain Access

Avertium Threat Report

Overview of the New Spear Phishing Emails

This report is about a new series of spear phishing emails by a well-known dangerous threat actor known as Hive0065 or TA505. Several of these phishing emails involve a macro-infested Word document using a fake Office 365 link.

The Tactics, Techniques, and Procedures Used in HIVE0065 Attacks […]