Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Rising concerns over ALPHV ransomware group
In recent weeks, there has been a surge in cyberattacks attributed to the ALPHV ransomware group. Some of the group’s latest hits include attacks against Tipalti, MGM Resorts, Caesars Entertainment, Clorox, McClaren Health Care, Fidelity National Financial, Five Guys, Estée...
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...
Cybersecurity Threat Advisory: End-of-Life Microsoft Exchange servers exposed
In this Cybersecurity Threat Advisory, we look at how over 20,000 Microsoft (MS) Exchange email servers across Europe, the U.S., and Asia are at risk of cyberattacks due to running on unsupported software versions. These servers are susceptible to numerous...
Cybersecurity Threat Advisory: Citrix Bleed vulnerability actively exploited
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a cybersecurity advisory warning that ransomware groups are actively exploiting the ‘Citrix Bleed’ vulnerability. In this Cybersecurity Threat Advisory, we look at the Citrix...
Cybersecurity Threat Advisory: New vulnerability for Windows users
A new vulnerability has been identified which could compromise the security of Windows users. The vulnerability discussed in this Cybersecurity Threat Advisory, known as “forced authentication,” gives an attacker access to a user’s NT LAN Manager (NTLM) tokens by tricking...
Cybersecurity Threat Advisory: ‘LittleDrifter’ extends its reach
This Cybersecurity Threat Advisory sheds light on a recently discovered USB worm identified as “LittleDrifter” has been attributed to the Russia-linked hacker group known as Gamaredon. The worm has spread beyond its presumed intended target, Ukraine, to other countries including...
Cybersecurity Threat Advisory: Navigating holiday cyber risks
The holiday season is here, and organizations are facing an increased risk of cyberthreats with a notable focus on the activities of access brokers. These threat actors specialize in gaining and selling unauthorized access to organization accounts by orchestrating social...
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities
Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...
Cybersecurity Threat Advisory: HelloKitty group targets Apache
This Cybersecurity Threat Advisory discusses a new critical security flaw that was discovered in the Apache ActiveMQ open-source message broker service. This security flaw can potentially result in remote code execution, which is currently being exploited by the HelloKitty ransomware...
