CTM360 Hardening Guidelines
USE CASE: POST-EXPLOITATION IMPACT OF LOG4JSHELL VULNERABILITY Log4j vulnerability (CVE-2021-44228) allows unauthenticated remote code execution, and is triggered when a specially crafted string provided by the attacker, through a variety of
Mitre Att&ck Mapping & Hardening Guidelines
USE CASE: RYUK RANSOMWARE Threat Description Ryuk is a ransomware designed to target enterprise environments that has been used in attacks since at least 2018. Ryuk shares code similarities with Hermes ransomware.
SquirrelWaffle – Malicious Email Campaign
Threat Description CTM360 has observed increased activity in propagation of SquirrelWaffle, a malware loader that is being actively spread via email campaigns. This new threat is using malicious Microsoft Excel and
WhatsApp Account Hijacking
CTM360 has observed a sudden rise in Whatsapp accounts being hijacked in the MENA Region. In most cases, this occurs through social engineering, in which the victim would receive a
Do you need a Threat Intel feed of IOCs?
Given that your current security stack (AntiVirus, Firewall, SIEM, etc.) already comes integrated with its own auto-updated IOC feeds, do you still need an additional IOC threat intel feed? Cyber
The Cyber Forecast – Top 9 Cybersecurity Threats For 2021
Technology advancements and disruptive ideas have forced organizations to embrace digital transformation; COVID-19 has only accelerated the same. Many organizations were not adequately prepared and this resulted in new challenges
Solar Wind Attack: Update
SolarWinds - an American software vendor for managing networks and infrastructure has been breached. Orion, a network monitoring product was modified by a state-sponsored threat actor via embedding backdoor code
Sensitive Information Disclosure On Professional Networking & Employment Platforms
CTM360 has observed a trend in which employees from financial institutions are exposing critical company information or infrastructure-related details on professional networking and employment platforms. Such information is utilized by
WordPress Pharma Hack
Pharma Hack is an exploit targeting WordPress sites using SEO spamming. Hackers inject the site with content related to pharmaceuticals in order to lure users who are looking for drug
From Unemployed To A Money Mule During The COVID-19 Crisis
Cybercriminals are taking advantage of the COVID-19 pandemic, to lure laid-off individuals seeking jobs or working remotely. These cyber crooks have been targeting this specific class of people to work
