Exploitation – TheCyberThrone

Ukraine CERT warns on attacks exploiting Zimbra IcedID

Ukrainian government agencies are under a serious threat. Threat actors are exploiting Zimbra exploits and phishing attacks pushing the IcedID malware. CERT-UA of Ukraine detected the campaigns and attributed the…

PravinKarthik April 16, 2022

Security

Spring4Shell Exploited by Mirai Botnet

The new Spring4Shell vulnerability has been exploited by the Mirai botnet. Two critical vulnerabilities have been patched recently in the popular Java application framework Spring: CVE-2022-22965 and CVE-2022-22963. The flaws…

PravinKarthik April 9, 2022

Security

Mirai Bots Joins the Log4j Exploitation List

Log4Shell, the critical unauthenticated remote code execution vulnerability identified in early December 2021 in the Apache Log4j logging utility, hasn’t seen the mass exploitation that many expected, but an exploit…

PravinKarthik January 25, 2022

doorLock DoS Vulnerability in Apple HomeKit

Researchers discovered a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. HomeKit is a software framework by Apple, available in iOS/iPadOS that lets users…

PravinKarthik January 4, 2022