Cybersecurity Threat Advisory: Sophos Firewall Zero-Day (CVE-2020-12271)
Advisory Overview Unpatched versions of Sophos XG Firewalls are potentially vulnerable to SQL Injection attacks. Sophos pushed out an automatic update, but some devices may need to be manually patched or rebooted for the changes to take effect. Specific guidance...
Cybersecurity Threat Advisory: Hackers Still Exploiting COVID-19
Advisory Overview Hacking groups are still exploiting the COVID-19 pandemic as an opportunity to perform cyber-attacks. The United States’ CISA and the United Kingdom’s NCSC teamed up to issue a joint alert to the top threats. Recommendations are focused on...
Cybersecurity Threat Advisory: RagnarLocker Ransomware Hits EDP Energy Giant
Advisory Overview Energy giant EDP was recently hit with RagnarLocker ransomware. The hacking group claiming responsibility is threatening to leak 10 TB of stolen data online, including personal information such as a password manager database if a ransom of almost...
Cybersecurity Threat Advisory: Maze Ransomware Hits Cognizant
Advisory Overview Cognizant was recently hit by the Maze ransomware. Maze is known for publicly shaming companies by leaking their data online until they pay a ransom, limiting the efficacy of backups in mitigating damage. The exact attack vector is...
Cybersecurity Threat Advisory: Hackers Targeting Microsoft SQL Servers
Advisory Overview A new brute force hacking campaign called “Vollgar” targets Microsoft SQL Servers with weak passwords. The campaigns installs a malicious payload to steal information, remote control, and hide its own activity. SKOUT has provided a link to a...
Cybersecurity Threat Advisory: Critical VMware Bug (CVE 2020-3952)
Advisory Overview There is a high severity vulnerability in VMware vCenter which could allow an attacker the ability to compromise all virtual machines on a server. The critical flaw scored a 10 out of 10 on the Common Vulnerability Scoring...
Webinar: How many advanced threats are hiding in your inbox?
As an MSP, you know that email security is getting more important every day because ransomware and other advanced threats are on the rise. According to a report from Verizon, 92.4 percent of all malware attacks are delivered through email....
Cybersecurity Threat Advisory: Zoom Vulnerabilities and Zoom Bombing
Advisory Overview After a recent spike in usage due to global social distancing guidelines, multiple vulnerabilities have been discovered in Zoom. In addition, the ever growing userbase is seeing a rise in the number of “Zoom Bombing” attacks. These threats...
Cybersecurity Threat Advisory: Cyber Criminals Target Zoom Domains
Advisory Overview With the vast increase in the number of employees working remotely due to COVID-19, malicious actors are attempting to exploit uninformed users with fraudulent sites and applications. The nature of these attempts varies, but overwhelmingly rely on a...
Planning for an extended remote workforce
Over the past week, the remote workforce grew exponentially in an effort to ‘flatten the curve’ against COVID-19. While this is a temporary situation, it could have long lasting effects as businesses and the workforce settle into the new routine....
