Top Intel Community
CISA releases top malware strains of 2021.
The top malware in 2021 included remote access trojans, banking trojans, information stealers and ransomware. Specifically, 2021’s top malware strains were: Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader. CISA and ACSC state that most of these top strains have been used for more than five years—and some for more than 10 years—with their respective code bases evolving into several variations. Like a good virus, like COVID-19, these malware strains morph, adapt, and are persistent as hell.
CISA issues warning on active exploitation of UnRAR software for Linux Systems.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. This means that an adversary could exploit the flaw to drop arbitrary files on a target system that has the utility installed simply by decompressing the file. The vulnerability was revealed by SonarSource researcher Simon Scannell in late June.
US Army seeks criminal and threat intelligence coverage.
U.S. Army posted a sources sought notice for criminal and threat intelligence coverage for the Joint Task Force – National Capital Region / Military District of Washington (JTF-NCR / MDW). The contractor shall provide real-time 24/7/365 criminal, threat, and intelligence reporting for Joint Task Force-National Capital Region and the Military District of Washington. Daily Global Security Operations Center (GSOC) real time alerts, protest alerts, protest reporting, weekly JTF-NCR (MDW) intelligence reports, Extremist Intelligence Threat (EXIT) reports, global, national, and regional threat assessments, and when requested, Detailed Analysis in Real-Time (DART) report for requested events that The Joint Task Force-National Capital Region / Military District of Washington will participate in within the United States.