Cybersecurity Threat Advisory: RCE vulnerability in Ghostscript
A Ghostscript remote code execution (RCE) vulnerability, tracked as CVE-2024-29510 (with a CVSS rating of 5.5), is currently being exploited. This exploit can allow attackers to bypass the -dSAFER sandbox and execute code remotely. Review this Cybersecurity Threat Advisory to...
Cybersecurity Threat Advisory: TeamViewer breach
On June 26, RMM software designer TeamViewer announced a recent breach of their network. According to TeamViewer, no customer data has yet been compromised by this breach. Read this Cybersecurity Threat Advisory in detail to secure your network and devices....
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability
Microsoft announced that a recently disclosed security flaw had been exploited just one day after it released fixes for the vulnerability. CVE-2024-21410, an Exchange Server vulnerability, with a CVSS score of 9.8, allows threat actors to escalate privileges of the...
Cybersecurity Threat Advisory: Google OAuth MultiLogin exploit
In October of 2023, an exploit was revealed by the threat actor PRISMA. This exploit generated persistent Google cookies through token manipulation. Now, attackers are exploiting a Google OAuth endpoint known as “MultiLogin” to restore expired authentication cookies. This allows...
Cybersecurity Threat Advisory: New malware campaign from Log4j security flaw
The hacker group, known as Lazarus, is linked to a global campaign. It involves an old security flaw found in Log4j to deploy previously unknown remote access trojans (RATs) on compromised hosts. To learn more and limit the impact of...
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...
Cybersecurity Threat Advisory: New vulnerability for Windows users
A new vulnerability has been identified which could compromise the security of Windows users. The vulnerability discussed in this Cybersecurity Threat Advisory, known as “forced authentication,” gives an attacker access to a user’s NT LAN Manager (NTLM) tokens by tricking...
Cybersecurity Threat Advisory: ‘LittleDrifter’ extends its reach
This Cybersecurity Threat Advisory sheds light on a recently discovered USB worm identified as “LittleDrifter” has been attributed to the Russia-linked hacker group known as Gamaredon. The worm has spread beyond its presumed intended target, Ukraine, to other countries including...
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...