Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Botnets Version Hunting Perimeter Devices
Threat Update: Threat actors have been seen in the wild scanning for perimeter devices that are running vulnerable firmware and have not been updated to patch those vulnerabilities. Perimeter devices (such as firewalls, intrusion detection/prevention systems, and...
Cybersecurity Threat Advisory: ThroughTek P2P Supply Chain Vulnerability
Threat Update: ThroughTek, a massive original equipment manufacturer (OEM) supplier, has been made aware of a software vulnerability involving IP cameras with P2P connections. The vulnerability could potentially allow unauthorized access to sensitive information via camera audio/video feeds. SKOUT...
Cybersecurity Threat Advisory: Malware Targeting Kubernetes Clusters and Windows Containers
Threat Update: A new malware dubbed ‘Siloscape’, first discovered in March, is actively targeting Kubernetes clusters via Windows containers. This malware has the potential to compromise an entire Kubernetes cluster. SKOUT recommends ensuring all clusters are updated with the latest...
Cybersecurity Threat Advisory: Recent Security Updates for SAP
Threat Update: Critical security updates for Adobe Acrobat and Adobe Reader have recently been released for both Mac OS and Windows. These updates are extremely important, as they could lead to potential machine and network compromise. SKOUT recommends applying the...
Cybersecurity Threat Advisory: Recent Security Updates for Adobe Acrobat and Reader
Threat Update: Critical security updates for many Adobe products have recently been released for both Mac OS and Windows. These updates are extremely important, as they could lead to potential machine and network compromise. The most popular Adobe products, Acrobat...
Cybersecurity Threat Advisory: RCE Vulnerability in Siemens PLCs
Threat Update: An unauthenticated remote code execution vulnerability has been detected in several Siemens PLC devices. An unauthenticated remote attacker with access to TCP port 102 could exploit this to read or write arbitrary code to protected memory areas. This...
Cybersecurity Threat Advisory: Increased Spear Phishing Activity of Nobelium Group
Threat Update: Microsoft has actively been tracking a surge in spear phishing activity conducted by ‘Nobelium,’ the group behind the SUNBURST backdoor, TEARDROP and GoldMax malware. Technical Detail & Additional Information: WHAT IS THE THREAT? The threat group ‘Nobelium’ has...
Cybersecurity Threat Advisory: Critical Zero-Day in HPE SIM Patched
Threat Update: An extremely critical zero-day vulnerability has been found in Hewlett Packard Enterprise’s Systems Insight Manager for Windows. This exploit allows attackers to remotely execute code without being authenticated to the software. SKOUT recommends that companies apply the latest...
Cybersecurity Threat Advisory: Critical Zero-Day in WordPress Fancy Product Designer Plugin
Threat Update: On May 31, 2021, a critical file upload vulnerability in Fancy Product Designer—a WordPress plugin installed on over 17,000 websites—was discovered to be under active exploitation by threat actors. Technical Detail & Additional Information: WHAT IS THE THREAT?...
Cybersecurity Threat Advisory: VMware vCenter Critical RCE Vulnerability
Threat Update: VMware is a virtualization and cloud computing vendor used worldwide by many companies. Recently, VMware announced that it was informed of two vulnerabilities that affect certain versions of its vCenter service. Successful exploitation of these...