Continuous Threat Intelligence and Attack Surface Monitoring

"What is the current Exposure Risk (ER) level and the Internet-facing attack surface of my organisation?"

"What if the email addresses of my users appeared in a recent data breach?"

"I would like to be notified of any publicly accessible unmanaged or shadow IT assets of my organisation."

Threat Hunting and Red Teaming Specialist

"Is my organisation protected from such threats?"

"Is my network compromised?"

"I need an Incident Response Team!"

CODE RED INCIDENT RESPONSE SERVICE

CODE RED Threat Intelligence Pulse

VTA-00366 - New Vyveva Malware Used By North Korea's APT Group: The Story:
ESET researchers have discovered a previously undocumented Lazarus backdoor, which they have dubbed Vyveva, being used to attack a freight logistics company in South Africa. The backdoor consists ...
VTA-00365 - North Korea Targeting Security Researchers With Phishing Website And Social Engineering Security Campaign on Social Media: The Story:
“SecuriElite” is a website created to phish victims by claiming to be a cybersecurity company located in Turkey. The threat actors ...
VTA-00364 - Black Kingdom Ransomware Targeted Microsoft Exchange Servers: SuperPRO’s Recommendations:
1. Users can download the patch for the vulnerability in Microsoft Exchange Server from the link provided here:
https://github.com/microsoft/CSS-Exchange/tree/main/Security.
This is the most efficient way to rapidly protect and mitigate your Exchange ...
VTA-00363 - CVE-2021-28133: Zoom Screen Sharing Bug: SuperPRO’s Recommendations:
1. Enable the Waiting Room feature and check all participants before admitting them; have them enable their webcam to prove their legitimacy if need be.
2. Use a complex passcode for meetings to prevent attacker ...
VTA-00362 - HAFNIUM APT Group Using Microsoft Exchange Vulnerabilities To Gain Initial Access: SuperPRO’s Recommendations:
1. Users are advised to update their Microsoft Exchange Server in accordance with the version they are using as soon as possible.
Users can find the ...

Threat Statistics (March 2021 and February 2021)

Ticket opened, severity %: Critical 0%, High 4%, Medium 23%, Low 73%
Source: Provintell CyberSOC, March 2021

Ticket opened, severity %: Critical 0%, High 21%, Medium 30%, Low 49%
Source: Provintell CyberSOC, Feb 2021

Ticket Opened, severity %: Critical 0%, High 15%, Medium 54%, Low 23%, Info 8%
Source: Provintell CyberSOC, March 2021

Ticket Opened, severity %: Critical 0%, High 0%, Medium 80%, Low 20%
Source: Provintell CyberSOC, Feb 2021

Top Threats (March 2021 and February 2021)

Country           Threats Count
United States     4
Malaysia          2
France            2
China             2
India             2
Netherlands       1
Australia         1
Iran              1
Indonesia         1
Lithuania         1

Country           Threats Count
China             8
India             6
United States     6
Malaysia          2
Russia            2
Brazil            2
Korea             1
Netherlands       1
United Kingdom    1
Indonesia         1

MITRE ATT&CK            Threats Count
Reconnaissance          1
Resource Development    0
Initial Access          1
Execution               0
Persistence             1
Privilege Escalation    1
Defense Evasion         0
Credential Access       2
Discovery               1
Lateral Movement        0
Collection              0
Command and Control     0
Exfiltration            1
Impact                  0

MITRE ATT&CK            Threats Count
Reconnaissance          1
Resource Development    0
Initial Access          8
Execution               3
Persistence             1
Privilege Escalation    0
Defense Evasion         5
Credential Access       5
Discovery               7
Lateral Movement        0
Collection              0
Command and Control     14
Exfiltration            0
Impact                  1

Source: Provintell CyberSOC, March 2021