Month: April 2020

CVE-2020-1967 – Segmentation fault in OpenSSL

OVERVIEW OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.   It is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is …

CVE-2020-1967 – Segmentation fault in OpenSSL Read More »

Multiple Qakbot (Qbot) waves detected in April 2020

Since last month there have been significant resurgence in Qbot. Different Qbot waves were reported like “feature“, “extend“, “string” and “one-drive” wave. Several bot_groups spx85 to spx103 were found active for this Qakbot resurgence. In this post we will be going though detailed analysis of the Qbot wave -“feature wave” from bot_group spx98. What is …

Multiple Qakbot (Qbot) waves detected in April 2020 Read More »

Patch your Vcenter server for CVSS10.0 rated vulnerability – CVE-2020-3952

This report is about the vulnerability found in the VMWare vCenter software and recorded in CVE-ID: CVE-2020-3952. The vulnerability is caused by improper access controls affecting the VMware Directory Service. The affected version of the software is vCenter 6.7 with a patch available for this software flaw. What is vCenter server? vCenter Server is an …

Patch your Vcenter server for CVSS10.0 rated vulnerability – CVE-2020-3952 Read More »

Threat/APT groups leveraging COVID-19, novel coronavirus epidemic situation to spread malware.

Throughout the globe, several cyber attacks associated with COVID-19 were reported in the past 1 month. Many threat groups have been taking advantage of this epidemic situation to send malspam, tricking users to click the embedded links or open the documents in order to drop the malware on their devices. Name the malware – trickbot, …

Threat/APT groups leveraging COVID-19, novel coronavirus epidemic situation to spread malware. Read More »