Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: “File Archiver in the Browser” exploits
A new and clever “File Archiver in the Browser” phishing trick that uses ZIP domains has surfaced. Bad actors can employ this technique to deceive users into downloading malicious files, compromise systems, and potentially gain unauthorized access. What is...
Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability
A critical vulnerability has been discovered in MOVEit Transfer, a commonly used managed file transfer (MFT) solution developed by Progress Software. This vulnerability allows remote attackers to execute arbitrary code on affected systems. The vulnerability is actively exploited in the...
Cybersecurity Threat Advisory: AWS exploited for crypto mining operation
Indonesian cybercriminals are exploiting Amazon Web Services (AWS) instances to carry out illicit crypto mining activities. The GUI-vil group has been identified as the threat actor behind this exploit. What is the threat? GUI-vil, a financially motivated threat actor, leverages...
Cybersecurity Threat Advisory: Three Apple zero-day vulnerabilities
Apple released security updates to address three new zero-day vulnerabilities being exploited in the wild. These vulnerabilities are associated with WebKit and cover different intrusion methods. Barracuda MSP recommends applying the latest security updates from Apple to resolve these vulnerabilities....
Cybersecurity Threat Advisory: Cisco Small Business Switches remote attack vulnerabilities
Multiple vulnerabilities have been discovered in Cisco Small Business routers, allowing bad actors to remotely execute arbitrary code with root privileges on an affected device and cause a denial of service (DoS) condition. These vulnerabilities are due to improper validation of requests...
Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited
A new vulnerability, CVE-2023-27350, has been discovered which affects PaperCut MF and NG print management software. Successful exploitation of the vulnerability would allow attackers to access sensitive user information (usernames, email addresses, office/department information, and card numbers) without authentication. A...
Cybersecurity Threat Advisory: EvilExtractor malware surge detected
EvilExtractor malware has spiked in Europe and the US. EvilExtractor is distributed through phishing campaigns and can harvest various types of data, including browser history, passwords, and cryptocurrency wallets. This is a concern because of the malware’s ability to evade...
Cybersecurity Threat Advisory: New QBot malware delivering campaigns discovered
A new QBot malware campaign has been discovered. Using hijacked business emails, bad actors are sending PDF and WSF files in reply-chain phishing emails to distribute malware. The campaign is designed to steal sensitive data from the target system,...
Cybersecurity Threat Advisory: 3CX supply chain attack updates
This is a follow-up to the 3CX supply chain attack threat advisory. Malware was found in the 3CX VoIP Desktop Application, which has been delivered to users through legitimate 3CX updates. 3CX has since released security updates, and below...
Cybersecurity Threat Advisory: Supply chain attack compromised 3CXDesktopApp
A recent compromise has caused trojanized versions of the 3CXDesktopApp executable to be distributed on 3CX’s website as well as pushed through updates. The malicious version of the 3CX application is used to sideload malicious .DLL files. These .DLL files...
