Q-CERT Weekly Newsletter 2021-09-27

Vulnerabilities & Patches

Apple Patches 3 More Zero-Days Under Active Attack - Read more

Multiple vulnerabilities in VMware vCenter Server were privately reported to VMware - Read more

Google Chrome Patches Zero-Day Vulnerability - Stable Channel Update For Desktop - Read more

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices - Read more

Cybercrimes & Incidents

EventBuilder misconfiguration exposes Microsoft event registrant data - Read more

BlackMatter Ransomware Technical Analysis and Tools from Nozomi Networks Labs - Read more

BluStealer: from SpyEx to ThunderFox - Read more

Threats

CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug - Read more

TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines - Read more

No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed As Stealth Windows Loaders - Read more

Analyzing a Large-scale Phishing-as-a-service Operation - Read more

Tools

advanced-threat-research/DarkSide-Config-Extract - Read more

A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes - Read more

Reports

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation - Read more

Papers

Financially motivated actor breaks certificate parsing to avoid detection - Read more

Upcoming Events

Cyber Saudi - Read more

Webcast/Podcast

Welcome to Supply Chain Attacks - Read more

How to

Office365 Attacks: Bypassing MFA, Achieving Persistence and More - Read more

Q-CERT Weekly Newsletter Service is prepared by Cyber Security Intelligence Team, all concerns, recommendations and complaints are welcomed.The views and opinions expressed in media article are those of the authors and media organizations alone.

Q-CERT | Ministry of Transport and Communications, State of Qatar | Doha P.O.Box 24514 | Qatar