FortiGuard Labs Weekly Threat Brief summarizes the latest hot threat activity and insights from across this week's cyber threat landscape. https://fortiguard.com/resources/threat-brief
Here are some interesting insights from this weeks issue:
- An Iran-linked advanced persistent threat (APT) group, Charming Kitten, with ties to attacks on the US presidential re-election campaign recently added new techniques to its stockpile in an apparent ramp-up of their operations.
- We discuss a new vulnerability discovered in the Linux sudo command that could allow unprivileged users to execute commands as root. When executing commands on a Linux operating system, unprivileged users can use the sudo (superuser do) command to execute commands as root as long as they have been given permission or know the root user's password.
- This week we profile new research on analysis of the Winnti Group's backdoor dubbed "PortReuse". This is an interesting white paper that is worth a read as it discusses, among other things, some of the methods uses to stay covert.
- We also discuss how smartphone users are being phished via calendar app invitations. A feature of this emailing and calendar application allows users to see events invitations in emails in their calendars without adding it themselves. A smartphone user using this calendar application will then get push notifications. Scammers are using this feature to lure victims into clicking on a phishing link.
You can find more details about these and other issues in the FortiGuard Labs Weekly Threat Intelligence Brief. Read this week's issue and subscribe to the weekly email distribution.