Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Continued Log4j Scanning Activity
Threat Update In recent weeks, Microsoft has observed continued attempts by nation-state adversaries and commodity attackers to exploit security vulnerabilities uncovered in the Log4j open-source logging framework. Barracuda MSP’s Security Operation Center (SOC) is also observing scanning activity and exploit...
Cybersecurity Threat Advisory: Microsoft Patch Tuesday, December 2021
Threat Update Microsoft’s Patch Tuesday release for December 2021 comes with a Windows update that will apply patches for 67 different vulnerabilities. This update includes fixes for 7 critical vulnerabilities, and included fixes that prevented Denial of Service, Remote Code...
Cybersecurity Threat Advisory: Surge in Attacks Against WordPress Sites
Threat Update WordFence, a WordPress security platform, stated that they have blocked 13.7 million attacks against WordPress sites in the span of 36 hours. The number of attacks reflects a dramatic increase in activity from threat actors, originating from 16,000...
Cybersecurity Threat Advisory: SonicWall Patches Critical Vulnerabilities in VPN Appliances
Threat Update SonicWall, a widely-used network security company, has released patches to address several critical vulnerabilities within their SMA 100 Series VPN appliances. These vulnerabilities could allow attackers to execute arbitrary code, modify/delete files, bypass firewall rules, and even gain...
Cybersecurity Threat Advisory: Threat Actors Exploiting Microsoft Exchange Vulnerabilities
Threat Update In March 2021, Microsoft disclosed vulnerabilities existing within Microsoft Exchange versions 2010, 2013, 2016 and 2019. They are tracked as five different CVEs, which are listed below. Although these vulnerabilities were disclosed back in March, our Security Operations...
Cybersecurity Threat Advisory: Iranian APT Exploits Fortinet and Exchange Vulnerabilities
Threat Update Since as early as March 2021, the FBI and CISA have been monitoring an Iranian Government APT group that are currently exploiting a Fortinet vulnerability and a Microsoft Exchange ProxyShell vulnerability from October 2021. These vulnerabilities allowed the...
Cybersecurity Threat Advisory: Threat Actors Compromise FBI Email Platform
Threat Update On the evening of November 13, 2021, the FBI and CISA responded to multiple reports regarding messages sent from the FBI’s email infrastructure, which falsely warn users about a cyber attack. Their brief statement noted that the law...
Cybersecurity Threat Advisory: Zero-Day Vulnerability Found in Palo Alto Security Appliances
Threat Update Researchers have discovered a zero-day vulnerability that can allow an attacker to launch Remote Code Execution attacks on a security appliance made by Palo Alto Networks. This discovery leaves 10,000 firewalls potentially vulnerable. Technical Detail & Additional Information...
Cybersecurity Threat Advisory: Ranzy Locker Ransomware Gaining Traction
Threat Update The FBI has warned that over 30 US-based companies have been hit by the Ranzy Locker ransomware by July this year. The alert, which was issued alongside CISA, notes that most of the victims were compromised by brute...
Cybersecurity Threat Advisory: New Malware Used to Deploy Qakbot and Cobalt Strike
Threat Update Threat actors have begun using a new malware loader named Squirrelwaffle to gain an initial foothold in target networks and drop malware, including Qakbot and Cobalt Strike, onto compromised systems and networks in recent campaigns. Technical Detail &...
