DarkCasino: A New Emerging APT Threat Exploiting a WinRAR Flaw

NSFOCUS researchers examined the DarkCasino attack pattern, which exploited the WinRAR zero-day vulnerability CVE-2023-38831. The financially motivated APT group ran phishing operations against participants in online trading forums, using forum posts that carried specially crafted archives.

CVE-2023-4966 (Citrix Bleed) Active Exploitation

Citrix published a security bulletin on October 10, 2023, regarding a vulnerability (CVE-2023-4966) that affects NetScaler ADC and NetScaler Gateway appliances and allows sensitive information disclosure. It enables unauthenticated attackers to steal sensitive data from on-premises appliances configured as an AAA virtual server or a gateway.

CVE-2023-46747: Critical Authentication Bypass Vulnerability in F5 BIG-IP

BIG-IP, a comprehensive portfolio of hardware platforms and software solutions from F5 Networks, focuses on security, dependability, and performance. These solutions include load balancing, a web application firewall, access control, and methods to improve application performance and mitigate DDoS attacks, emphasizing application availability and security.

Alert Advisory: Supply Chain Attack by Iran’s APT34 Targets the UAE

An Iranian threat group called OilRig typically targets businesses in the Middle East across various industries, but it has also sometimes attacked businesses outside the Middle East. Additionally, it appears that OilRig engages in supply chain attacks, in which the threat actor uses the trust among entities to attack its main targets.

PhishForce: In-the-wild Phishing of Facebook Accounts Using a Vulnerability in Salesforce’s Email Services

We have been subjected to fraudulent emails since the early days of the internet, from intrusive spam to highly targeted and customized phishing efforts. Despite substantial breakthroughs in email detection and blocking over the years, bad actors will always manage to keep one step ahead, coming up with new ways to bypass filtering laws and other regulations aimed at cleaning up our inboxes.
