Cyber Security Threat Intel Alert: 08-May-2024

The latest weekly report is out and in the AUCloud Cyber Threat Intelligence Report we reveal:

  • Four critical vulnerabilities expose HPE Aruba devices to RCE attacks

    HPE Aruba Networking has released security updates to patch ten vulnerabilities in ArubaOS, including four critical issues with a high CVSS score of 9.8. These vulnerabilities, which exploit the Performance Application Programming Interface (PAPI) through UDP port 8211, could let attackers execute arbitrary code by leveraging unauthenticated buffer overflows.

  • Hackers increasingly abusing Microsoft Graph API for stealthy malware communications

    Hackers have increasingly exploited the Microsoft Graph API for covert communication with their command-and-control (C&C) infrastructure on Microsoft cloud services, according to Symantec. Since January 2022, nation-state hacking groups like APT28, REF2924, Red Stinger, Flea, APT29, and OilRig have used this approach to evade detection.

  • 6 Australian senators, MPs confirm being targeted by APT31 in IPAC cyber attack

    It’s been reported that APT31, the Chinese state-sponsored hacking group in 2021 sent a large number of pixel tracking emails to the parliamentary emails of Australian MPs and senators from a domain masquerading as a news outlet. The motive was to gather sufficient information to mount more sophisticated follow-on attacks, escalating in severity. However, the parliamentary officials were made aware only recently as the Australian authorities failed to notify them of the incident after discovering it almost 3 years ago.

  • New attack leaks VPN traffic using rogue DHCP servers

    A new threat campaign widely referred to as “TunnelVision” is currently under exploitation which allows attackers to bypass VPN protections and expose user traffic. This is a major concern as VPNs play a critical role in securing traffic and data of users.

Access to the full report and automatically subscribe for future editions.

Get it for free now!