Cybersecurity Threat Advisory: Root Access by Way of Linux Kernel Bug
Threat Update: Qualys’ research team has discovered a pair of vulnerabilities in the Linux operating system. While one is a local privilege escalation (LPE) vulnerability, the other vulnerability is a stack exhaustion denial-of-service (DoS) vulnerability in the system. Both of...
Cybersecurity Threat Advisory: Ransomware Targets Unpatched, End-of-Life SonicWall Firmware
Threat Update: A ransomware campaign using stolen credentials is actively targeting networking device maker SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. The exploitation targets a known vulnerability...
Cybersecurity Threat Advisory: Patch for FortiManager and FortiAnalyzer Vulnerability
Threat Update: A patch has been released by Fortinet for their FortiManager & FortiAnalyzer platforms. This critical patch resolves a Use After Free vulnerability (CWE-416) that allowed attackers to execute code as administrators on the targeted device. SKOUT recommends that...
Cybersecurity Threat Advisory: Windows Print Spooler Elevation of Privilege Vulnerability
Threat Update: Last week, SKOUT released a security advisory regarding the “PrintNightmare” Zero-Day vulnerability exploited via the Windows Print Spooler service. This past weekend, on July 16th, Microsoft identified another vulnerability within the Print Spooler service that allows for local...
Cybersecurity Threat Advisory: SolarWinds Serv-U Zero-day Exploit
Threat Update: SolarWinds, an IT management and remote monitoring software developer that fell victim to the Sunburst supply chain attack, has been exploited again. However, the Serv-U zero-day exploit is limited to targeted customer impact according to Microsoft. A...
Prepare for the next cyberattack with a cybersecurity checklist
From the supply-chain attack at the beginning of the year, to the ransomware attack that took down a major pipeline in the United States, cyberattacks have been doing significant damage in recent times. Now, the latest supply-chain attack that some...
Cybersecurity Threat Advisory: Zero-Day Vulnerability in Windows Print Spooler
Threat Update: Last week, security researchers accidentally published proof-of-concept (PoC) exploit code which has now been dubbed “PrintNightmare”. The vulnerability exploits a critical flaw in Microsoft’s Print Spooler service. Microsoft has issued out-of-band security updates to address the flaw and...
Cybersecurity Threat Advisory: 07-06-2021 Kaseya VSA Follow-Up Threat Advisory
Threat Update: This Threat Advisory acts as a follow-up to our previously released Advisories “0048-21” and “0049-21”. Kaseya has scheduled an urgent patch for July 6, 2021, between 4:00PM EDT – 7:00PM EDT. The Kaseya VSA vulnerabilities are still un-remediated...
Remote work cybersecurity: Choosing between VPN and ZTNA
With many businesses accepting remote and hybrid work models, businesses are now looking to MSPs to evaluate the long-term sustainability of their existing cybersecurity infrastructure to ensure their businesses are protected. For many, this means turning from existing cybersecurity protections...
Cybersecurity Threat Advisory: Kaseya VSA Ransomware Update
NOTE TO CLARIFY ON AN EARLIER COMMUNICATION: SKOUT Cybersecurity’s product offerings do not use Kaseya in any way and are not impacted by this incident. If you have any questions, please contact the Security Operations Center. Threat Update: Kaseya has...