X-Force Exchange - Collection Feed

Summary Two security advisories have been published for Xen. The most serious vulnerability addressed in the advisories could potentially allow an attacker to cause a denial of service condition on the host system. Threat Type Vulnerability Overview Two security advisories have been published for Xen. The most serious vulnerability addressed in the advisories could potentially allow an attacker to cause a denial of service condition on the host system. Further details are available from the advisories linke

Summary Ocelot, the Offensive Security research team of Metabase Q, identified a new variant of Ploutus ATM malware in Latin America. The variant, Ploutus-I operates on ATMs from the Brazilian vendor Itautec. It allows for a jack-potting style attack where the money is stolen directly from the ATM but not an individual's account. Threat Type Malware Overview There has been a new variant of the Ploutus ATM malware seen in Latin America. The variant, Ploutus-I operates on ATMs from the Brazilian vendor Itaute

Summary KAMACITE is an ICS threat activity group that obtains access to victim networks and enables other actors to carry out attacks. Dragos revealed their findings on this threat group in a recent blog post. Threat Type Malware Overview Dragos has published a blog post detailing a newly identified threat activity group targeting electric utilities, oil and gas operations, and various manufacturing organizations since as early as 2014. The group has been tied to the BLACKENERGY2 campaign and both the 2015

Summary Alexander Popov, a security researcher from Positive Technologies, discovered and fixed five security vulnerabilities in the Linux kernel, now uniquely identified as CVE-2021-26708. Threat Type Vulnerability Overview Alexander Popov, a security researcher from Positive Technologies, discovered and fixed five security vulnerabilities in the Linux kernel's virtual socket implementation that could lead to a Denial of Service and other actions. They are noted together within CVE-2021-26708. Popov develo

Summary Reuters is reporting on attacks against Indian biotech companies making a COVID-19 vaccine. Chinese state-sponsored group APT 10, also known as Stone Panda, are thought to be behind the attacks. Threat Type Targeting Overview Indian vaccine makers SII and Bharat Biotech have recently come under attack from Chinese hackers. The Chinese state-sponsored group APT 10, or Stone Panda, are suspected of the attacks on the biochemical companies. The group was able to identify vulnerabilities in the IT infra