Get Ahead of Cyber Threats
Newsletter

Weekly Threat Pulse (1/12)

Do you feel like there’s never enough time in the day? Wouldn’t you like to get hours back daily? 

With the Fletch Trending Threats app, you can. 

Picture this: You wake up in the morning, check your email, and quickly scan today's Fletch Threat Pulse email. It automatically tells you if the top threats impact you. It’s like reading the news in the context of your company. 

Here are last week’s top 5 trending threats. With Fletch, you would have known days ago if these impacted you and how to fix them.

  1. VMware Plugs Security Holes in Workstation, Fusion and ESXi
  2. Trojanized dnSpy app drops malware cocktail on researchers, devs
  3. Log4Shell-Like Vulnerability Found in Popular H2 Database
  4. Zloader Banking Malware Exploits Microsoft Signature Verification
  5. North Korean Konni Hacker Group Targets Russian Diplomats Using New Year Greetings 

Hear firsthand from Conor Sherman, VP of Security and Technology at ezCater, how Fletch helps the nation’s largest marketplace for business catering.

 

See below for more information on the top trending cyber threats in the news last week.

VMware Plugs Security Holes in Workstation, Fusion and ESXi

In an advisory, VMware said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. ... Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi.

CVEs: CVE-2021-22045

Trojanized dnSpy app drops malware cocktail on researchers, devs

This week, a threat actor created a GitHub repository with a compiled version of dnSpy that installs a cocktail of malware, including clipboard hijackers to steal cryptocurrency, the Quasar remote access trojan, a miner, and a variety of unknown payloads. ... Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners.

Malware: Quasar RAT

Log4Shell-Like Vulnerability Found in Popular H2 Database

JFrog’s security researchers, who identified the vulnerability, explain that the most severe of the possible attack vectors is through the H2 console itself, mainly because one can use public search tools to locate WAN-facing vulnerable consoles. ... The new bug, JFrog says, has the same root cause as the famous Log4Shell bug – they both involve the Java Naming and Directory Interface (JNDI) lookup feature – yet its impact isn’t as widespread, mainly because the console isn’t always used with the H2 database and because the H2 console listens to localhost by default.

CVEs: CVE-2021-42392

Zloader Banking Malware Exploits Microsoft Signature Verification

The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point. ... The appContast.dll – a file signed by Microsoft, to which the attackers appended a script – is called using mshta.exe, which results in the execution of the main Zloader payload, using regsvr32.exe.

Malware: Zloader

North Korean Konni Hacker Group Targets Russian Diplomats Using New Year Greetings

A North Korean cyber-espionage group has targeted Russian embassy diplomats over the winter holidays with emails carrying New Year greetings in the hopes of infecting them with malware. ... According to Cluster25, the ZIP files contained a Windows screensaver (.scr) file that, when executed, installed a screensaver with Russian holiday greetings, but also the Konni remote access trojan (RAT), the malware after which the group was named, and which granted the attacker full control over the infected systems.

Malware: Konni