Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds RMM Vulnerability
Advisory Overview SolarWinds RMM has identified a vulnerability in versions 10.8.8 and earlier that could allow an attacker to target all devices running the Advanced Monitoring Agent. The attack could allow an attacker to download malware, modify data, and delete...
Cybersecurity Threat Advisory: VMware Cloud Director Flaws (CVE 2020-3956)
Advisory Overview VMware Cloud Director is potentially vulnerable to a remote code injection attack that would allow an attacker to view/modify databases and escalate privileges from organizational admin to system admin. SKOUT advises updating VMware Cloud Director to version 10.1.0...
Cybersecurity Threat Advisory: SAP Adaptive Server Enterprise Vulnerabilities
Advisory Overview Six critical vulnerabilities were recently disclosed in SAP Adaptive Server Enterprise that could allow hackers to execute arbitrary code, expose passwords, and elevate privileges. SKOUT recommends updating SAP ASE to the latest version. Technical detail and additional information...
Cybersecurity Threat Advisory: ConnectWise Automate Security Vulnerability
Advisory Overview ConnectWise issued a warning to its MSP customers about a security vulnerability found in Automate, a remote management platform, in which the API can be used by a remote user to make modifications to the Automate instance. Technical...
Cybersecurity Threat Advisory: Microsoft Releases Patch for Critical Vulnerability SMBleed
Advisory Overview Microsoft has released a patch for a critical vulnerability affecting Server Message Block (SMB) protocol. This new vulnerability can be exploited to allow an attacker to leak information from kernel memory remotely and can be combined with additional...
Cybersecurity Threat Advisory: Exim Mail Transfer Agent Actively Exploited by Russian
Advisory Overview According the NSA, Russian military cyber actors have been exploiting a vulnerability in Exim mail transfer agent (MTA) software in Unix-based systems. The vulnerability could allow hackers to execute commands with root privileges. SKOUT recommends updating Exim to...
Cybersecurity Threat Advisory: Office 365 MFA Bypass Phishing Attack
Advisory Overview A new type of Office 365 Phishing attack uses the legitimate Microsoft login page to bypass multi-factor authentication. The attack grants certain permissions to threat actors, compromising the target user’s account and its data. SKOUT advises businesses to...
Cybersecurity Threat Advisory: Microsoft Teams Account Takeover Vulnerability
Advisory Overview Unpatched versions of Microsoft Teams are potentially vulnerable to an account takeover attack using GIF files or links. SKOUT advises updating Microsoft teams to the latest version. In addition, organizations should review access control, phishing training, and social...
Cybersecurity Threat Advisory: Office 365 Security Recommendations from CISA
Advisory Overview The United States Cybersecurity and Infrastructure Security Agency (CISA) released an alert detailing possible security risks in Office 365 and ways to mitigate them. CISA mentions that security risks may be amplified due to the rapid movement to...
Cybersecurity Threat Advisory: Sophos Firewall Zero-Day (CVE-2020-12271)
Advisory Overview Unpatched versions of Sophos XG Firewalls are potentially vulnerable to SQL Injection attacks. Sophos pushed out an automatic update, but some devices may need to be manually patched or rebooted for the changes to take effect. Specific guidance...
