Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cyberattacks on MGM Resorts
This Cybersecurity Threat Advisory highlights cyberattacks on MGM Resorts, a $33 billion hospitality and entertainment company operating out of Las Vegas. On Monday, September 11th, 2023, MGM Resorts experienced a ransomware attack that encrypted over 100 ESXi hypervisors and exfiltrated...
Cybersecurity Threat Advisory: Sophisticated phishing campaign identified
This Cybersecurity Threat Advisory focuses on a sophisticated phishing campaign that uses a Microsoft Word document lure to distribute a trio of threats. The threats are Agent Tesla, OriginBotnet, and RedLine Clipper, and are designed to gather a wide range...
Cybersecurity Threat Advisory: New Android zero-day exploit found
This Cybersecurity Threat Advisory involves a critical zero-day vulnerability affecting Android devices, tracked as CVE-2023-35674, posing a significant threat to Android users. This vulnerability allows malicious actors to execute arbitrary code remotely, potentially compromising sensitive user data and device functionality....
Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Apple’s PassKit
Today’s Cybersecurity Threat Advisory involves Apple, who recently released critical updates for iPhone and Mac products after two zero-day vulnerabilities were discovered in their PassKit framework via iMessage. Both vulnerabilities allow malicious actors to perform arbitrary code execution on devices...
Cybersecurity Threat Advisory: New VMware Aria vulnerability identified
Today’s Cybersecurity Threat Advisory highlights an SSH authentication bypass flaw, identified as CVE-2023-34039, which has been discovered in VMware Aria. It has a severity rating of “critical” and a CVSS v3 scope of 9.8. This vulnerability allows remote attackers to...
Cybersecurity Threat Advisory: Social engineering attacks targeting Okta
Today’s Cybersecurity Threat Advisory highlights Okta, who in recent weeks has experienced social engineering attacks by threat actors looking to attain highly privileged roles within Okta’s accounts. The company has warned about social engineering attacks targeting IT service desk agents...
Cybersecurity Threat Advisory: Vulnerabilities found in Juniper firewalls
Today’s Cybersecurity Threat Advisory involves proof-of-concept exploit code that has been publicly released in Juniper SRX firewalls. Using the proof-of-concept exploit code can allow unauthenticated attackers access to remotely execute code in unpatched Juniper JunOS devices. This news comes after...
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered
In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...
Cybersecurity Threat Advisory: XLoader malware targeting macOS
Today’s Cybersecurity Threat Advisory sheds light on a resurgence of XLoader malware in the wild targeting macOS systems as a disguised “OfficeNote” application. This trojan leverages social engineering tactics to entice users into downloading and executing the malicious app that...
Cybersecurity Threat Advisory: New Microsoft support scam
The latest Cybersecurity Threat Advisory highlights the new false advertisement for Amazon through Google search engine. The advertisement redirects users to a Microsoft Defender support scam that locks up their browser. Barracuda MSP recommends avoiding clicking on any “Sponsored” result...
