Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: End-of-Life Microsoft Exchange servers exposed
In this Cybersecurity Threat Advisory, we look at how over 20,000 Microsoft (MS) Exchange email servers across Europe, the U.S., and Asia are at risk of cyberattacks due to running on unsupported software versions. These servers are susceptible to numerous...
Cybersecurity Threat Advisory: Citrix Bleed vulnerability actively exploited
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a cybersecurity advisory warning that ransomware groups are actively exploiting the ‘Citrix Bleed’ vulnerability. In this Cybersecurity Threat Advisory, we look at the Citrix...
Cybersecurity Threat Advisory: New vulnerability for Windows users
A new vulnerability has been identified which could compromise the security of Windows users. The vulnerability discussed in this Cybersecurity Threat Advisory, known as “forced authentication,” gives an attacker access to a user’s NT LAN Manager (NTLM) tokens by tricking...
Cybersecurity Threat Advisory: ‘LittleDrifter’ extends its reach
This Cybersecurity Threat Advisory sheds light on a recently discovered USB worm identified as “LittleDrifter” has been attributed to the Russia-linked hacker group known as Gamaredon. The worm has spread beyond its presumed intended target, Ukraine, to other countries including...
Cybersecurity Threat Advisory: Navigating holiday cyber risks
The holiday season is here, and organizations are facing an increased risk of cyberthreats with a notable focus on the activities of access brokers. These threat actors specialize in gaining and selling unauthorized access to organization accounts by orchestrating social...
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities
Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...
Cybersecurity Threat Advisory: HelloKitty group targets Apache
This Cybersecurity Threat Advisory discusses a new critical security flaw that was discovered in the Apache ActiveMQ open-source message broker service. This security flaw can potentially result in remote code execution, which is currently being exploited by the HelloKitty ransomware...
Cybersecurity Threat Advisory: Atlassian confluence vulnerability
This Cybersecurity Threat Advisory highlights a new security flaw that has recently been discovered in Atlassian’s Confluence Data Center and Server, which could result in significant data loss if exploited. Tracked as CVE-2023-22518, this vulnerability is rated 9.1 out of...
Cybersecurity Threat Advisory: VMware critical code vulnerability
VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...
