Cybersecurity Threat Advisory: Backdoor LightNeuron Targets Microsoft Exchange Servers
What is the threat? A security researchers group discovered a Backdoor called LightNeuron on May 7th, 2019. This backdoor specifically targets Microsoft Exchange Servers and is one of the first malware to obtain complete control over all the emails that...
Cybersecurity Threat Advisory: Anti-malware Vendor Source Code Theft
In light of the recent news about US Anti-malware companies getting hacked and their source code being stolen, SkOUT wants its customers to be aware of the situation and remain vigilant for the next few days as the investigation continues...
Cybersecurity Threat Advisory: How Migration to Windows 10 Will Reduce the Risk of Threats
What is the threat? The end of life date for Windows 7 will be January 14, 2020 at which point support will no longer be offered by Microsoft. Computers running older versions of Windows will be susceptible to cyber-attacks and...
Cybersecurity Threat Advisory: New ‘Sodinokibi’ Ransomware Exploits WebLogic Deserialization
What is the threat? A zero-day vulnerability in Oracle WebLogic Servers is actively being exploited in the wild by a sophisticated new ransomware variant dubbed “Sodinokibi”. The ransomware variant attempts to encrypt data found in the user directory and leverages...
Cybersecurity Threat Advisory: Dell Laptops and Computers Vulnerable to Remote Hijacks
What is the threat? A security researcher recently discovered a vulnerability (CVE-2019-3719) on Dell laptops and computers, giving full access to remote hijackers. The weakness lies in the Dell Supportable tool, which exposes dell devices to a remote code execution...
Cybersecurity Threat Advisory: Office 365 Blob Storage Phishing Attacks
What is the threat? As part of an ongoing phishing campaign abusing Microsoft Azure Blob Storage, attackers are now able to create more legitimate looking phishing emails through Office 365. This tactic allows the attackers to spoof email addresses to...
Cybersecurity Threat Advisory: Remote code execution via Widget Connector
What is the threat? Multiple high severity vulnerabilities have been found in the Widget Connector Macro in Atlassian Confluence Server. The server had an http vulnerability which allowed attackers to access restricted directories and execute commands on systems that run...
Cybersecurity Threat Advisory: Apache fixes RCE flaw in Tomcat application server
What is the threat? A remote code execution vulnerability was discovered in the Apache Tomcat application server software – CVE-2019-0232. The Common Gateway Interface (CGI) servlet that this vulnerability affects is disabled by default, which is why the severity of...
Cybersecurity Threat Advisory: HOPLIGHT Malware
What is the threat? The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have discovered a new malware variant called HOPLIGHT. The malware has been identified as the work of HIDDEN COBRA which refers to activity...
Cybersecurity Threat Advisory: Verizon Customers Targeted in Mobile Phishing Campaigns
What is the threat? A phishing campaign has been discovered in the wild targeting Verizon customers. This phishing campaign is mimicking Verizon customer support and trying to get information about customers’ Verizon accounts to gain access. The phishing emails ask...
