Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ATPs Exploiting FortiOS Vulnerabilities
Threat Update The FBI and CISA released a joint cybersecurity advisory documenting that a number of APTs have been seen in the wild scanning for three FortiOS vulnerabilities (CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812). These vulnerabilities, if exploited, can allow unauthorized remote...
Cybersecurity Threat Advisory: Purple Fox Rootkit
Threat Update The Purple Fox rootkit has recently improved propagation capabilities which makes it easier to spread through a network. This could make it easier for threat actors to steal data from or potentially infect compromised machines with other types...
Cybersecurity Threat Advisory: MacOS Malware XcodeSpy
Threat Update A malicious version of the macOS development environment Xcode has been spotted in the wild. Dubbed “XcodeSpy,” its main function is to use a custom Run Script to connect to a C&C server when a compromised application is...
Cybersecurity Threat Advisory: AWS S3 Bucket Exposure Causes Patient Data Breach
Threat Update Over 50,000 patient records at a Utah-based COVID-19 testing service were exposed due to a common AWS S3 cloud security misconfiguration. This mishap led to a severe breach of patient data confidentiality, giving malicious actors an opportunity to...
Cybersecurity Threat Advisory: WordPress Elementor Vulnerability
Threat Update Wordfence has advised that all users of the popular WordPress website builder plugin Elementor update to the latest version available (currently version 3.1.4), including users of either the Free version or Pro version. There is a stored XSS...
Cybersecurity Threat Advisory: Numerous IOT Cameras Hacked
Threat Update Verkada Inc, an organization providing IOT security cameras to public and private organizations across the globe, has reportedly had its camera systems compromised. Attackers claim to have breached the organization and accessed both live and archived camera feeds...
Cybersecurity Threat Advisory: F5 Big IP Vulnerability
Threat Update Network provider, F5 Networks, a leading networking provider for businesses everywhere, has announced the discovery of multiple remote code execution vulnerabilities. There are four of these RCE vulnerabilities, which effect most BIG-IP and BIG-IQ software versions. Successful exploitation...
Cybersecurity Threat Advisory: Mobile Security Threats
Threat Update Multiple potential mobile threats have emerged recently, with T-Mobile disclosing a data breach caused by SIM swapping attacks, and news surfacing of the Android “SHAREit” app allowing attackers to steal user information. These vulnerabilities could potentially allow for...
Cybersecurity Threat Advisory: HAFNIUM Targeting Exchange Servers with Zero-day Exploits
Threat Update Microsoft has released several security updates due to targeted attacks against vulnerabilities found in Microsoft Exchange Server (versions 2013, 2016, and 2019). Though the attacks are said to have been limited, Microsoft is urging the immediate updating of...
Cybersecurity Threat Advisory: Critical VMware Vulnerabilities
Threat Update VMware has released an advisory detailing newly discovered vulnerabilities across multiple products, namely ESXI, vCenter Server and Cloud Foundation. The severity of these vulnerabilities varies but included among them is a remote code execution vulnerability that has received...
