Cybersecurity Threat Advisory: BlackCat ransomware targets Microsoft Azure
This Cybersecurity Threat Advisory reviews the latest movements of the BlackCat ransomware gang. They are using the Sphynx encryptor to target Microsoft Azure storage through a recently discovered vulnerability in Azure’s security infrastructure. The BlackCat (ALPHV) ransomware gang is using...
Cybersecurity Threat Advisory: New Android zero-day exploit found
This Cybersecurity Threat Advisory involves a critical zero-day vulnerability affecting Android devices, tracked as CVE-2023-35674, posing a significant threat to Android users. This vulnerability allows malicious actors to execute arbitrary code remotely, potentially compromising sensitive user data and device functionality....
Cybersecurity Threat Advisory: New VMware Aria vulnerability identified
Today’s Cybersecurity Threat Advisory highlights an SSH authentication bypass flaw, identified as CVE-2023-34039, which has been discovered in VMware Aria. It has a severity rating of “critical” and a CVSS v3 scope of 9.8. This vulnerability allows remote attackers to...
Cybersecurity Threat Advisory: XLoader malware targeting macOS
Today’s Cybersecurity Threat Advisory sheds light on a resurgence of XLoader malware in the wild targeting macOS systems as a disguised “OfficeNote” application. This trojan leverages social engineering tactics to entice users into downloading and executing the malicious app that...
Cybersecurity Threat Advisory: Citrix NetScaler servers actively being exploited
This Cybersecurity Threat Advisory highlights the nearly 2,000 Citrix NetScaler servers have been compromised through a sophisticated hacking campaign. The attackers exploited a critical vulnerability, CVE-2023-3519, to implant web shells on the targeted servers. This poses a severe threat as...
Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered
A critical vulnerability has been discovered in the MOVEit Transfer software, prompting urgent action from customers to patch their systems. This flaw, identified as CVE-2023-36934, allows an attacker to execute arbitrary commands on the affected system with elevated privileges without...
Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released
A critical remote code execution vulnerability (CVE-2023-33299) with a CVSS score of 9.6 has been discovered in Fortinet’s FortiNAC product. This vulnerability poses a significant risk as it could allow an unauthenticated user to execute unauthorized code or commands by...
Cybersecurity Threat Advisory: Cisco Small Business Switches remote attack vulnerabilities
Multiple vulnerabilities have been discovered in Cisco Small Business routers, allowing bad actors to remotely execute arbitrary code with root privileges on an affected device and cause a denial of service (DoS) condition. These vulnerabilities are due to improper validation of requests...
Cybersecurity Threat Advisory: EvilExtractor malware surge detected
EvilExtractor malware has spiked in Europe and the US. EvilExtractor is distributed through phishing campaigns and can harvest various types of data, including browser history, passwords, and cryptocurrency wallets. This is a concern because of the malware’s ability to evade...
Cybersecurity Threat Advisory: 3CX supply chain attack updates
This is a follow-up to the 3CX supply chain attack threat advisory. A malware was found in the 3CX VoIP Desktop Application, which has been delivered to users through legitimate 3CX updates. 3CX has since released security updates, and below...
