Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FireEye Breach

Advisory Overview: FireEye, a major cybersecurity organization, has reported a compromise that resulted in the theft of their suite of Red Team tools. While these tools do not contain any zero-day vulnerabilities, only widely known and documented methods, the theft...

December 9, 2020

Cybersecurity Threat Advisory: Egregor Ransomware

Advisory Overview: The Ransomware-as-a-Service variant “Egregor” is spiking across the cybersecurity and IT landscape after the shutdown of the notorious Maze ransomware campaign. Some major organizations have fallen victim to the malware, including Kmart, Cencosud (a retail...

December 8, 2020

Cybersecurity Threat Advisory: POS Malware Targeting Restaurants

Advisory Overview: Cybersecurity researchers have discovered a modular backdoor known as ModPipe targeting point-of-sale (POS) systems in the hospitality sector. This malware can potentially allow unauthorized retrieval of payment information. SKOUT recommends maintaining updates and patches for all POS systems...

November 25, 2020

Cybersecurity Threat Advisory: Apple macOS Big Sur Vulnerabilities

Advisory Overview: Apple has deprecated its support for Network Kernel Extensions (NKE), the services that supported local firewalls on previous Mac systems. This change has allowed macOS Big Sur and roughly 50 other applications in Apple’s app...

November 23, 2020

Cybersecurity Threat Advisory: Second Patch Released for VMware Vulnerability

Advisory Overview: A previously discovered remote code execution vulnerability for VMware ESXi has received a second patch from VMware, which should now correctly stop exploitation of the OpenSLP service issue. If an attacker were to attempt to exploit an unpatched...

November 16, 2020

Cybersecurity Threat Advisory: Ryuk Ransomware Activities Overview

Advisory Overview: The SKOUT Security Operation Center is closely following the increase of ransomware activity targeting the healthcare sector. Threat actors are infecting the networks of critical healthcare providers and facilities with the ransomware variant Ryuk. A successful attack could disable critical healthcare infrastructure...

October 29, 2020

Cybersecurity Threat Advisory: Cisco Webex Teams for Windows DLL Hijacking

Advisory Overview: A vulnerability has been discovered in the Cisco Webex Teams client for Windows that can allow an authenticated, local attacker to execute arbitrary code at potentially increased privilege through DLL hijacking. This can allow an attacker to...

October 21, 2020

Cybersecurity Threat Advisory: Cyber Threats Affecting U.S.A Presidential Election

Advisory Overview: With the United States Presidential Election coming up, cyber-criminal and hacktivist activity has grown. Recent phishing and disinformation campaigns may pose a threat to the election’s validity on a large scale, as well as to voters' personally identifiable information...

October 15, 2020

Cybersecurity Threat Advisory: Universal Health Services Infected with Ryuk Ransomware

Advisory Overview: Earlier this week, Universal Health Services (UHS) suffered a ransomware attack that took down data networks at multiple facilities across the United States, wherein systems were crippled, antivirus software was maliciously disabled, many patients had to be relocated,...

October 2, 2020

Cybersecurity Threat Advisory: Increased Attack Activity of Trickbot Variant

Advisory Overview: The SKOUT Security Operations Center has recently observed an uptick in attack activity involving an emerging Trickbot variant known as Bazar Backdoor. Trickbot is a banking trojan and information stealer that has evolved over the years to fill...

September 30, 2020