CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild

A new zero-day vulnerability, CVE-2024-43451, was discovered by ClearSky Cyber Security in June 2024. This vulnerability affects Windows systems and is being actively exploited in attacks against Ukrainian entities. The vulnerability activates URL files containing malicious code through seemingly innocuous actions: The malicious URL files were disguised as academic certificates and were initially observed being […]

Read More

Iranian “Dream Job” Campaign 11.24

ClearSky Cyber Security research identified a campaign named “Iranian Dream Job campaign”, in which the Iranian threat actor TA455 targeted the aerospace industry by offering fake jobs.  The campaign distributed the SnailResin malware, which activates the SlugResin backdoor. ClearSky attributes both malware programs to a subgroup of Charming Kitten.  However, some cyber research companies detected […]

Read More