Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Hackers Still Exploiting COVID-19
Advisory Overview Hacking groups are still exploiting the COVID-19 pandemic as an opportunity to perform cyber-attacks. The United States’ CISA and the United Kingdom’s NCSC teamed up to issue a joint alert to the top threats. Recommendations are focused on...
Cybersecurity Threat Advisory: RagnarLocker Ransomware Hits EDP Energy Giant
Advisory Overview Energy giant EDP was recently hit with RagnarLocker ransomware. The hacking group claiming responsibility is threatening to leak 10 TB of stolen data online, including personal information such as a password manager database if a ransom of almost...
Cybersecurity Threat Advisory: Maze Ransomware Hits Cognizant
Advisory Overview Cognizant was recently hit by the Maze ransomware. Maze is known for publicly shaming companies by leaking their data online until they pay a ransom, limiting the efficacy of backups in mitigating damage. The exact attack vector is...
Cybersecurity Threat Advisory: Hackers Targeting Microsoft SQL Servers
Advisory Overview A new brute force hacking campaign called “Vollgar” targets Microsoft SQL Servers with weak passwords. The campaigns installs a malicious payload to steal information, remote control, and hide its own activity. SKOUT has provided a link to a...
Cybersecurity Threat Advisory: Critical VMware Bug (CVE 2020-3952)
Advisory Overview There is a high severity vulnerability in VMware vCenter which could allow an attacker the ability to compromise all virtual machines on a server. The critical flaw scored a 10 out of 10 on the Common Vulnerability Scoring...
Cybersecurity Threat Advisory: Zoom Vulnerabilities and Zoom Bombing
Advisory Overview After a recent spike in usage due to global social distancing guidelines, multiple vulnerabilities have been discovered in Zoom. In addition, the ever growing userbase is seeing a rise in the number of “Zoom Bombing” attacks. These threats...
Cybersecurity Threat Advisory: Cyber Criminals Target Zoom Domains
Advisory Overview With the vast increase in the number of employees working remotely due to COVID-19, malicious actors are attempting to exploit uninformed users with fraudulent sites and applications. The nature of these attempts varies, but overwhelmingly rely on a...
Cybersecurity Threat Advisory: Windows GDI+ RCE Vulnerability (CVE-2020-0881)
Advisory Overview Multiple versions of Windows are affected by a new RCE vulnerability. Supported operating systems like Widows 8, 10, Server 2012, and Server 2016 were issued a patch normally on March 10th, but Windows 7 and Server 2008 were...
Cybersecurity Threat Advisory: Healthcare Facilities Targeted During COVID-19 Outbreak
Advisory Overview One of the Czech Republic’s biggest hospitals has been hit with a cyber-attack amid COVID-19 testing. Healthcare facilities, especially hospitals are advised to be on high alert. SKOUT recommends all organizations to be extra cautious during this time...
Cybersecurity Threat Advisory: COVID-19 Live Map Downloads Delivering Malware
Threat Overview There has been an increase in cyber criminals weaponizing fears concerning the Coronavirus to deliver malware. Delivery of this malware is done largely through spam email campaigns where users receive emails with deceptive text and attached files (usually...
