Cybersecurity Threat Advisory: VMWare vCenter PoC Exploit Available
Threat Update Recently, VMWare, a global virtualization and cloud computing vendor, was informed of a critical vulnerability that affects certain versions of its vCenter service. Successful exploitation of this vulnerability could allow an attacker to upload arbitrary files and execute...
Cybersecurity Threat Update: Regarding the Recent Facebook BGP/DNS Outage
Threat Update On October 4, 2021, the global social network Facebook and its associated platforms faced a global outage that lasted approximately six hours. This outage not only impacted all Facebook users, but it also blocked internal communication between Facebook...
Cybersecurity Threat Advisory: Threat Actors Targeting VoIP Providers with DDoS Attacks
Threat Update In recent weeks, threat actors have been targeting voice over Internet Protocol (VoIP) providers with distributed denial of service (DDoS) attacks that have impacted the mission-critical communications, including 911 services, of numerous organizations. Bandwidth.com has become the latest...
Cybersecurity Threat Advisory: Microsoft Azure OMIGOD Vulnerability
Threat Update Microsoft’s September 2021 Patch Tuesday addressed four major vulnerabilities that impact users of Microsoft’s Azure platform. They are tracked as CVE-2021-38647 and CVE-2021-38648. They are referred to as OMIGOD, referencing “Open Management Infrastructure,” the agent which makes Azure...
Cybersecurity Threat Advisory: BulletProofLink Phishing-as-a-Service (PhaaS) Campaign
Threat Update Microsoft recently released the results and analysis from its deep dive into BulletProofLink, a large-scale phishing-as-a-service (PHaaS) operation that follows a software-as-a-service (SaaS) business model. This model allows threat actors to purchase phishing kits and email templates in...
Cybersecurity Threat Advisory: AWS Workspaces Remote Code Execution
Threat Update Rhino Security Labs has discovered a vulnerability in the AWS WorkSpaces desktop client, tracked as CVE-2021-38112, which allows commands to be executed if a victim opens a malicious WorkSpaces URI from their browser. Since the report’s release, Amazon...
Cybersecurity Threat Advisory: Malicious Word Files Disguised as Windows 11 Documentation
Threat Update Security researchers have discovered recent attempts by threat actors to infect machines with malicious Word documents containing VBA macros and JavaScript to plant a backdoor and create persistence. These Word documents are disguised as documentation or information related...
Cybersecurity Threat Advisory: Atlassian Confluence Critical Vulnerability
Threat Update The Australian company Atlassian’s public bug bounty program has discovered a critical vulnerability in Confluence, a corporate web-based wiki developed by Atlassian. Confluence is used and trusted by companies worldwide to host internal Wiki sites that employees can...
Cybersecurity Threat Advisory: Microsoft Power Apps Expose 38 Million Records of Data
Threat Update Recent reports indicate that a Microsoft Power Apps misconfiguration may lead to exposure of extremely sensitive data to public sources. SKOUT recommends reviewing your configuration of your Microsoft Power Apps, and performing the Portal Checker diagnostic provided by...
Cybersecurity Threat Advisory: Cisco Releases Patches for Multiple Security Vulnerabilities
Threat Update Cisco has provided fixes for multiple security vulnerabilities varying from medium to critical severity, which an unauthenticated attacker could exploit. Cisco Small Business RV340, RV340W, RV345, RV345P Dual WAN Gigabit, RV160, RV160W, RV260, RV260P, and RV260W VPN routers...