Get Ahead of Cyber Threats
Newsletter

Weekly Threat Pulse (2/8)

Raise your hand if:

  ✋ You find it impossible to keep up with the cyber threats in the news.

  ✋ You have no clue what threats matter to you.

  ✋ You want to save HOURS every day. Psst… you can with Fletch.

This newsletter is meant to give you a taste of what Fletch does for you, by highlighting the top trending threats Fletch featured last week.

If you want to simply and automatically know what cyber threats matter to you every day, get started now.
 

Here are the top 5 threats from last week:

1. Hackers Use SEO Poisoning to Distribute BATLOADER and Atera Agent

Criticality: CRITICAL

  • TL;DR: Through proactive threat hunting, the Mandiant frontline team uncovered a campaign that used search engine optimization (SEO) poisoning to lead victims to download the BATLOADER malware for the initial compromise.
  • CVEs: CVE-2020-1599
  • Malware: BATLOADER

2. Samba bug can let remote attackers execute code as root

Criticality: CRITICAL

  • TL;DR: Samba has addressed a critical severity vulnerability that can let attackers gain remote code execution with root privileges on servers running vulnerable software. "The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file," Samba explained in a security advisory published on 1/31.
  • CVEs: CVE-2021-44142

3. Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now

Criticality: HIGH

  • TL;DR: A zero-day vulnerability in the open-source Kubernetes development tool Argo CD lets attackers steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart.
  • CVEs: CVE-2022-24348

4. Catching the RAT called Agent Tesla

Criticality: HIGH

  • TL;DR: Researchers have identified new versions of the Agent Tesla remote access trojan (RAT) that target the Windows anti-malware interface used by security vendors to protect PCs from attacks. The newly discovered variants have also adopted new obfuscation capabilities, raising the stakes for businesses to fend off the ever-evolving Agent Tesla malware.
  • Malware: Agent Tesla

5. ESET antivirus bug let attackers gain Windows SYSTEM privileges

Criticality: HIGH

  • TL;DR: Slovak internet security firm ESET released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and above.
  • CVEs: CVE-2021-37852