Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical PHP vulnerability enables remote code execution

Cybersecurity Threat Advisory: Critical PHP vulnerability enables remote code execution

A vulnerability known as CVE-2024-4577 is exploiting Apache’s handling of Unicode to ASCII conversion when using Hypertext Preprocessor (PHP) Common Gateway Interface (CGI) mode. This enables the execution of malicious code within the PHP executable. This presents a significant risk...

/ June 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New typosquatting attack targeting Google users

Cybersecurity Threat Advisory: New typosquatting attack targeting Google users

Google users have been targeted with a typosquatted attack when searching Advanced IP Scanner. When searching for this free network scanner for Windows, users are served with an exploited version of Advanced IP Scanner that injects a CobaltStrike Beacon into...

/ June 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical VBEM vulnerability

Cybersecurity Threat Advisory: Critical VBEM vulnerability

A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately. Read this Cybersecurity Threat Advisory to learn about which actions to take to...

/ June 12, 2024
Should America’s cyber defense agency’s priorities also be yours?

Should America’s cyber defense agency’s priorities also be yours?

In February, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced its 2024 priorities for the Joint Cyber Defense Collaborative (JCDC). This group, composed of government and industry entities, was formed in 2021 and is tasked with gathering, analyzing, and sharing actionable...

/ June 11, 2024
CISA
Staying cyber safe with CISA this summer

Staying cyber safe with CISA this summer

As sure as fireflies and fireworks mean summer, so do Cybersecurity and Infrastructure Security Agency (CISA) warnings and alerts. With parents shuttling kids to day camps, pool parties, and Disney World, summer is a prime time for cybercriminals to make...

/ June 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RedTail exploits PAN-OS vulnerability

Cybersecurity Threat Advisory: RedTail exploits PAN-OS vulnerability

Palo Alto Networks has recently disclosed a critical zero-day vulnerability, CVE-2024-3400, within its PAN-OS operating system. The flaw, found in the GlobalProtect Gateway, is currently under active exploitation. Additionally, the threat actors behind RedTail cryptocurrency mining malware have added this...

/ June 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack. Review this Cybersecurity Threat Advisory in detail to prevent...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage. Review this Cybersecurity Threat Advisory...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New attack tactic from DarkGate MaaS operation

Cybersecurity Threat Advisory: New attack tactic from DarkGate MaaS operation

The DarkGate Malware-as-a-Service (MaaS) operation are now using AutoHotkey to deliver the last stages of cyber attacks. Read this Cybersecurity Threat Advisory to learn more about this advanced tactic and how to mitigate your risks. What is the threat? DarkGate,...

/ June 4, 2024
credential theft
5 Ways cybercriminals are using AI: Access and credential theft

5 Ways cybercriminals are using AI: Access and credential theft

Threat actors have embraced artificial intelligence (AI) for phishing, deepfakes, malware generation, content localization, and more. This week we’re looking at how they’re using it for credential theft to gain access to high-value networks. Stolen credentials are a goldmine for cybercriminals, especially if the...

/ June 4, 2024