Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Global Microsoft Exchange attack

Cybersecurity Threat Advisory: Global Microsoft Exchange attack

A recent cyber campaign has compromised over 70 Microsoft Exchange servers across 26 countries by injecting JavaScript-based keyloggers into Outlook Web Access (OWA) login pages. Review the details of this Cybersecurity Threat Advisory to safeguard against these vulnerabilities. What is...

/ June 25, 2025
LLMs
Unmasking the next wave: LLMs and evolving cyberthreats

Unmasking the next wave: LLMs and evolving cyberthreats

This week, we bring you additional interviews with experts on the cybersecurity dangers posed by large language models (LLMs) such as Claude, DeepSeek, and ChatGPT. With the rapid rise in the use of these services comes an increasing set of...

/ June 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Vulnerabilities in Linux distributions

Cybersecurity Threat Advisory: Vulnerabilities in Linux distributions

Two critical local privilege escalation (LPE) vulnerabilities were disclosed, identified as CVE-2025-6018 and CVE-2025-6019. These vulnerabilities affect all versions of SUSE 15 and libblockdev, two major Linux distributions, allowing unprivileged users to escalate their privileges to root and posing significant...

/ June 24, 2025
Threat Spotlight: Half the spam in your inbox is generated by AI

Threat Spotlight: Half the spam in your inbox is generated by AI

Cyber attackers are leveraging the power of artificial intelligence (AI) to boost their chances of success in email-based attacks. AI tools can help them to develop and launch more attacks, more frequently, and to make these attacks more evasive, convincing,...

/ June 23, 2025 / 5 Comments
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Grafana vulnerability

Cybersecurity Threat Advisory: Critical Grafana vulnerability

A newly disclosed Grafana vulnerability puts thousands of monitoring systems at risk of compromise through a simple malicious link. Review this Cybersecurity Threat Advisory to secure your environment. What is the threat? To exploit CVE-2025-4123, multiple conditions must be met....

/ June 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Veeam vulnerability

Cybersecurity Threat Advisory: Critical Veeam vulnerability

Veeam has released security patches to address a critical vulnerability in its Backup & Replication software, identified as CVE-2025-23121. The flaw allows unauthenticated remote attackers to execute arbitrary code under certain conditions. Review the details of this Cybersecurity Threat Advisory...

/ June 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: TP-Link and Zyxel devices targeted

Cybersecurity Threat Advisory: TP-Link and Zyxel devices targeted

Two vulnerabilities are actively targeted by threat actors for exploits, CVE-2023-33538, affects TP-Link routers, and CVE-2023-28771, affects Zyxel firewalls. Review this Cybersecurity Threat Advisory to help mitigate the risk of attackers targeting these vulnerabilities.   What is the threat? CVE-2023-33538...

/ June 18, 2025
LLMs
Unraveling the cybersecurity risks of LLMs

Unraveling the cybersecurity risks of LLMs

As language learning models (LLMs) become more prevalent, the cyber dangers posed by DeepSeek, ChatGPT, Claude, and others are just beginning to be understood. Jacob Anderson, owner of Beyond Ordinary, states that cyber personnel are overworked and continue to have...

/ June 17, 2025
Email Threat Radar
Email Threat Radar – June 2025

Email Threat Radar – June 2025

In this edition of the Email Threat Radar, we see how during May, threat analysts identified several notable email-based threats targeting organizations around the world and designed to evade detection and boost the chances of success, including: The EvilProxy phishing...

/ June 16, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Wazuh servers targeted to launch Mirai attacks

Cybersecurity Threat Advisory: Wazuh servers targeted to launch Mirai attacks

Threat actors are actively targeting Wazuh servers running software version 4.4.0 by exploiting a vulnerability that enables them to install Mirai botnets. These botnets facilitate distributed denial of service (DDoS) attacks against victims and execute malicious payloads on the compromised...

/ June 12, 2025