Calendar Week 38

Security Vulnerabilities Disclosed by Atlassian and ISC: Mitigations and Fixes

Atlassian and the Internet Systems Consortium (ISC) have revealed multiple security vulnerabilities affecting their products, potentially leading to denial-of-service (DoS) attacks and remote code execution. The Australian software services provider has addressed four high-severity flaws in recent updates. These include: These vulnerabilities have been addressed in the following versions: In a related update, ISC has …

Unveiling the Enhanced Sphynx Variant: BlackCat Ransomware Targets Azure Storage with Advanced Features

A new variant of the BlackCat Ransomware, named Sphynx, has recently emerged, showcasing enhanced capabilities tailored for encrypting Azure Storage accounts. Initially identified in March, this iteration of Sphynx received upgrades in May, introducing the Exmatter exfiltration tool. Subsequent releases in August unveiled additional functionalities, including the ability to override credentials stored in configuration files …

Convergence of Threats: RedLine and Vidar Groups Utilize Unified Tactics for Ransomware and Info-Stealers

A recent investigation conducted by Trend Micro reveals that threat groups associated with RedLine and Vidar have adopted similar tactics for deploying ransomware as they use for disseminating info-stealing malware. In a specific instance, victims initially encountered a malware strain designed for data theft, which was signed with Extended Validation (EV) code signing certificates. However, …

AMBERSQUID: Novel Cloud-Native Cryptojacking Operation Targets AWS Services

A newly emerged cryptojacking operation, tailored for cloud-native environments, has turned its focus towards less common Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to clandestinely mine cryptocurrency. Dubbed AMBERSQUID by cloud and container security firm Sysdig, this malicious cyber activity has managed to exploit cloud services without triggering …

Azure HDInsight XSS Vulnerabilities: Analysis, Impact, and Remediation

Multiple Cross-Site Scripting (XSS) vulnerabilities, encompassing Stored XSS and Reflected XSS, have been detected in Azure HDInsight, with severity ratings ranging from 4.5 (Medium) to 4.6 (Medium). These vulnerabilities impacted various products, including Azure Apache Oozie, Apache Ambari, Jupyter Notebooks, Apache Hadoop, and Apache Hive 2. However, Microsoft addressed these vulnerabilities in their Security update …
