Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: Unprotected Marketing Database Exposes PII

Cybersecurity Threat Advisory: Unprotected Marketing Database Exposes PII

What is the Issue? On June 27th, an unprotected database belonging to a marketing firm containing 340 million records exposed to the internet was discovered. The database was found by an independent research firm. Why is this noteworthy? The unprotected...

/ April 19, 2019
Cybersecurity Threat Advisory: Necurs Malware Bypassing Conventional Detection Methods

Cybersecurity Threat Advisory: Necurs Malware Bypassing Conventional Detection Methods

What is the Issue? It has been discovered by Trend Micro that the Necurs malware, which was previously revealed as an internet shortcut, has now been found under the veil of the internet query file. These files innocently and typically...

/ April 18, 2019
Cybersecurity Threat Advisory: Mylobot Malware Brings New Sophistication to Botnets

Cybersecurity Threat Advisory: Mylobot Malware Brings New Sophistication to Botnets

What is the Issue? Researchers have discovered a New Windows malware whose origin traces back to the ‘Dark Web.’ The malware, dubbed Mylobot, pulls together a variety of strategies and techniques to gain a foothold on its targets and remain...

/ April 17, 2019
Cybersecurity Threat Advisory: MacOS Bypass Flaw Lets Attackers Sign Malicious Code as Apple

Cybersecurity Threat Advisory: MacOS Bypass Flaw Lets Attackers Sign Malicious Code as Apple

What is the Issue: Due to a flaw in Apple’s code-signing API, hackers have been able to manipulate the code-signing process to enter malicious code into MacOS systems. Third-party security tools were unable to detect the issue as the malicious...

/ April 16, 2019
Cybersecurity Threat Advisory: Adobe Flash Zero Day Patch

Cybersecurity Threat Advisory: Adobe Flash Zero Day Patch

What is the Issue: Adobe has recently released an emergency patch for a Flash Zero-Day vulnerability, that when exploited properly can allow an attacker to execute arbitrary code, and enable information disclosure. Most current web browsers block Adobe Flash all...

/ April 15, 2019
Cybersecurity Threat Advisory Google Chrome Content Security Policy

Cybersecurity Threat Advisory Google Chrome Content Security Policy

What is the Issue? Chrome’s security team described the issue as the web browser’s incorrect handling of CSP headers (CVE-2018-6148). They noted on their blog – “Access to bug details and links may be kept restricted until a majority of...

/ April 14, 2019
Cybersecurity Threat Advisory: Zip Slip Critical Flaw Hits Thousands of Open-Source Projects

Cybersecurity Threat Advisory: Zip Slip Critical Flaw Hits Thousands of Open-Source Projects

What is the Issue? Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle, LinkedIn, Twitter and others. Zip Slip is a...

/ December 11, 2018
Cybersecurity Threat Advisory: DHS Releases “Joanap” and “Brambul” Malware Indicators

Cybersecurity Threat Advisory: DHS Releases “Joanap” and “Brambul” Malware Indicators

What is the Issue: On Tuesday May 29, the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a comprehensive report on malware associated with North Korean Government cyber activity. The report details a remote access tool...

/ December 11, 2018
Cybersecurity Threat Advisory: Attackers Using GDPR Email Alerts to Conduct Phishing Attacks

Cybersecurity Threat Advisory: Attackers Using GDPR Email Alerts to Conduct Phishing Attacks

What is the Issue: With the EU rolling out new General Data Protection Regulation (GDPR) Laws on May 25th, many internet scammers have been using these laws to steal personal information, by sending fraudulent emails claiming to be from legitimate...

/ December 10, 2018
Cybersecurity Threat Advisory: Attackers Target Home and Office Routers and Network Devices

Cybersecurity Threat Advisory: Attackers Target Home and Office Routers and Network Devices

What is the issue: Cisco Talos Intelligence Group recently identified a new malware, known as VPNFilter, which may have infected upwards of 500,000 routers and network-attached storage devices (NAS) across the globe with malicious software. Most of these are small...

/ December 1, 2018