Threat actor group “ALTDOS” operate by accessing and exfiltrating companies databases and have focus mainly on South-East Asia including Bangladesh.“ALTDOS” is known to extort companies for ransom for the data exfiltrated. Not much is known about this group, other than the breach reports. Target sectors: Financial-services,retail,communications,construction,energy,pharmaceuticals,telecommunications External Reference relared to “ALTDOS” threat actor:https://www.databreaches.net/thai-media-and-content-conglomerate-mono-next-public-company-hit-by-altdos-hackers/https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/
DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vRealizeOperations Manager, which could result in remote code execution. VMwarevRealize Operations Manager is an IT management platform which enablesvisibility, optimization and management of an organization’s physical,virtual and cloud infrastructure. This software comes within an APIwhich enables developers to build vRealize Operations Manager clients tocommunicate with the server over HTTP. Successful exploitation of thesevulnerabilities could allow an attacker to...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Jabber the mostsevere of which could allow for arbitrary code execution. Cisco Jabberprovides instant messaging (IM), voice, video, voice messaging, desktopsharing, and conferencing on any device. Successful exploitation of themost severe of these vulnerabilities could allow an unauthenticated,remote attacker to execute code on the affected systems. Depending onthe privileges associated with the application, an attacker could theninstall programs;...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in F5 products, the mostsevere of which could allow for remote code execution. * BIG-IP and BIG-IP Advanced WAF/ASM are a family of products coveringsoftware and hardware designed around application availability, accesscontrol, and security solutions.* BIG-IQ enables administrators to centrally manage BIG-IPinfrastructure across the IT landscape. It discovers, tracks, manages,and monitors physical and virtual BIG-IP devices – in the cloud,...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in ArubaNetwork’s InstantAccess Point that could allow for arbitrary code execution. Aruba (aHewlett Packard Enterprise company) is the worldwide second-largestenterprise WLAN vendor. ArubaNetworks Instant Access Point is Wi-Fihardware which virtualizes Aruba Mobility Controller capabilities on802.11 access points (APs). Successful exploitation of thesevulnerabilities could allow an attacker to execute arbitrary code incontext of the user running the application. Depending on the...
Read More
