Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Three critical Sophos firewall vulnerabilities

Cybersecurity Threat Advisory: Three critical Sophos firewall vulnerabilities

Sophos has disclosed three critical vulnerabilities in its firewall product that could allow remote unauthenticated attackers to perform structured query language (SQL) injection, execute arbitrary code, and gain privileged secure shell (SSH) access to affected devices. Review the details of...

/ December 23, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Adobe ColdFusion vulnerability

Cybersecurity Threat Advisory: Adobe ColdFusion vulnerability

A vulnerability within Adobe ColdFusion could result in arbitrary system file reads and writes. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? The vulnerability, tracked as CVE-2024-20767, was found within the...

/ December 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Windows kernel vulnerability

Cybersecurity Threat Advisory: Critical Windows kernel vulnerability

A pointer dereference weakness was discovered within the Microsoft Kernel Streaming Service that would allow an attacker to escalate their privileges to SYSTEM without any user interaction being required. Review the details in this Cybersecurity Threat Advisory to learn how...

/ December 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New social engineering campaign

Cybersecurity Threat Advisory: New social engineering campaign

An active social engineering campaigns uses Microsoft Teams and AnyDesk to deploy DarkGate malware. Attackers are impersonating trusted contacts during Teams calls to deceive victims into installing remote access tools, facilitating unauthorized system access, and deploying the malware. Review the...

/ December 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft MFA AuthQuake flaw

Cybersecurity Threat Advisory: Microsoft MFA AuthQuake flaw

A new critical security flaw in Microsoft’s multi-factor authentication (MFA) system has been discovered. It enables attackers to easily bypass the protection and gain unauthorized access to user accounts. Review this Cybersecurity Threat Advisory to learn how to mitigate your...

/ December 19, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: CoinLurker malware exploit

Cybersecurity Threat Advisory: CoinLurker malware exploit

Threat actors have begun using bogus software updates to deliver a new stealer malware known as “CoinLurker.” This malware uses cutting-edge obfuscation and anti-analysis techniques, making them frighteningly effective for threat actors. Continue reading this Cybersecurity Threat Advisory to learn...

/ December 19, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ivanti CSA authentication bypass vulnerability

Cybersecurity Threat Advisory: Ivanti CSA authentication bypass vulnerability

Ivanti has issued a warning about a critical authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution, tracked as CVE-2024-11639. The vulnerability allows remote attackers to gain administrative privileges without authentication or user interaction, enabling them to bypass security...

/ December 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of VSCode tunnels

Cybersecurity Threat Advisory: Active exploitation of VSCode tunnels

An advanced persistent threat (APT) group, Stately Taurus, has been exploiting a vulnerability in Visual Studio Code (VSCode) tunnels to maintain persistent remote access in compromised systems. Review the details in this Cybersecurity Threat Advisory to secure your environment. What...

/ December 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Socks5Systemz botnet compromise

Cybersecurity Threat Advisory: Socks5Systemz botnet compromise

The Socks5Systemz botnet has been revealed as the backbone for the illicit proxy service PROXY.AM, compromising over 85,000 devices globally. This botnet enables cybercriminals to conduct anonymous operations, including fraud, data theft, and distributed denial-of-service (DDoS) attacks. Continue to read...

/ December 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

A critical vulnerability, identified as CVE-2024-50623, has been discovered in Cleo’s file transfer software suite. This vulnerability allows attackers to exploit an unrestricted file upload and download flaw, potentially leading to remote code execution (RCE) on vulnerable systems. Continue reading...

/ December 10, 2024