Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Increase in Activity from Sophisticated Threat Actors

Threat Update: A large increase in activity has been seen from malicious threat actors. Many different vectors have been combined to facilitate targeted and widespread attacks. Considering the technical difficulty of these methods, these attackers are highly sophisticated, and organizations...

June 3, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Malicious Call Centers Spreading BazarLoader Malware

Threat Update: Security researchers have released their latest findings on BazarLoader, malware that provides backdoor access to an infected Windows host. Threat actors will use this malware to infect and infiltrate a victim’s system, send follow-up malware and exploit other...

May 24, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: DarkSide Ransomware Group Strikes Again

Threat Update: The ransomware group responsible for the Colonial Pipeline attack has struck again – this time affecting European subsidiaries of Toshiba. Some of Toshiba’s networks were shut down in response, demonstrating how effective ransomware is becoming as a method...

May 22, 2021 / 2 Comments
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Patch Tuesday, May 2021

Threat Update: Microsoft’s Patch Tuesday release for May 2021 comes with a Windows update that will remediate a multitude of vulnerabilities. The update will patch 55 vulnerabilities, one of which is critical, 50 important, and one moderate. It also includes...

May 17, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: HPE Edgeline Infrastructure Manager Vulnerability

Threat Update: The organization Hewlett Packard/HP provides many different technologies that are used on both a personal and business level. A vulnerability was recently discovered in one of their commonly used tools, HPE Edgeline Infrastructure Manager. The vulnerability could allow...

May 12, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Flaws in SD-WAN vManage and HyperFlex Fixed by Cisco

Threat Update: Cisco has released patches to address flaws in their SD-WAN vManage and HyperFlex HX software that could allow unauthenticated users to create admin accounts as a root user. Threat actors could utilize these flaws, if unpatched, to gain access...

May 11, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Many Email Servers Impacted by 21Nails Vulnerabilities

Threat Update: Developers behind Exim, a highly adopted mail transfer agent (MTA) solution, have released a patch to resolve 21 vulnerabilities. The developers have pushed this patch out in order to prevent threat actors from taking over servers using multiple...

May 10, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Pulse Secure Zero-Day Authentication Bypass

Threat Update: A zero-day vulnerability has been discovered in Pulse Secure VPN appliances and has resulted in the compromise of several U.S. governmental organizations and agencies. This vulnerability allows an attacker to bypass multi-factor authentication by modifying legitimate Pulse Secure...

May 3, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows RPC Protocol RemotePotato0 Exploit

Threat Update: A new privilege escalation vulnerability has been discovered inside of the Windows RPC protocol. This vulnerability, known as RemotePotato0, is an NTLM relay attack which could allow attackers to escalate their privileges from a normal user all the...

April 28, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exchange Vulnerabilities Being Exploited by Botnet

Threat Update: The botnet “Prometei”, discovered in 2020, has been targeting Exchange servers across the United States using the vulnerabilities recently targeted by HAFNIUM. Technical Detail & Additional Information: What is the threat? The Prometei botnet, previously used for mining...

April 27, 2021