Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Flaws in SD-WAN vManage and HyperFlex Fixed by Cisco
Threat Update Cisco has released patches to address flaws in their SD-WAN vManage and HyperFlex HX software that could allow unauthenticated users create admin accounts as a root user. Threat actors could utilize these flaws, if unpatched, to gain access...
Cybersecurity Threat Advisory: Many Email Servers Impacted by 21Nails Vulnerabilities
Threat Update Developers behind Exim, a highly adopted mail transfer agent (MTA) solution have released a path to resolve 21 vulnerabilities. The developers have pushed this patch out in order to prevent threat actors from taking over servers using multiple...
Cybersecurity Threat Advisory: Pulse Secure Zero-Day Authentication Bypass
Threat Update A zero-day vulnerability has been discovered in Pulse Secure VPN appliances and has resulted in the compromise of several U.S governmental organizations and agencies. This vulnerability allows an attacker to bypass multi-factor authentication by modifying legitimate Pulse Secure...
Cybersecurity Threat Advisory: Windows RPC Protocol RemotePotato0 Exploit
Threat Update A new privilege escalation vulnerability has been discovered inside of the Windows RPC protocol. This vulnerability, known as RemotePotato0, is a NTLM relay attack which could allow attackers to escalate their privileges from a normal User all the...
Cybersecurity Threat Advisory: Exchange Vulnerabilities Being Exploited by Botnet
Threat Update The botnet “Prometei”, discovered in 2020, has been targeting Exchange servers across the United States using the vulnerabilities recently targeted by HAFNIUM. Technical Detail & Additional Information WHAT IS THE THREAT? The Prometei botnet, previously used for mining...
Cybersecurity Threat Advisory: Trend Micro Security Vulnerability Exploited
Threat Update On April 21st, US-Japanese cybersecurity company Trend Micro disclosed that a threat actor are exploiting a known vulnerability in several of its antivirus products (Apex One, Apex One as a Service, OfficeScan XG SP1, Worry-Free Business Security, and...
Cybersecurity Threat Advisory: Over 1 Million Windows RDP Credentials Leaked
Threat Update Hacker group UAS has had 1.3 million RDP credentials for Windows servers leaked by security researchers. The compromised credentials could possibly allow a malicious actor to log into a compromised RDP server. It is imperative to keep best...
Cybersecurity Threat Advisory: SonicWall Zero-Day Vulnerabilities
Threat Update SonicWall, a security hardware manufacturer, has released patches to address a set of three zero-day vulnerabilities. These vulnerabilities affect both on-premises and hosted Email Security products. These vulnerabilities could allow for attackers to create administrative accounts, upload arbitrary...
Cybersecurity Threat Advisory 0021-21: 4/13/21 Microsoft Exchange Patches 2.0
Threat Update Due to the rise in targeted attacks on on-prem Microsoft Exchange servers, Microsoft, security vendors, and threat actors across the world have been looking for vulnerabilities within Microsoft Exchange services. This past Tuesday (4/13/2021), Microsoft has issued another...
Cybersecurity Threat Advisory: Critical VMware Carbon Black Cloud Vulnerability
Threat Update A critical vulnerability was recently discovered in the VMWare Carbon Black Workload appliance that could allow an attacker to take control of a vulnerable system. A successful exploit would give an attacker the ability to obtain a valid...
