Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: AWS exploited for crypto mining operation
Indonesian cybercriminals are exploiting Amazon Web Services (AWS) instances to carry out illicit crypto mining activities. The GUI-vil group has been identified as the threat actors on this exploit. What is the threat? GUI-vil, a financially motivated threat actor, leverages...
Cybersecurity Threat Advisory: Three Apple zero-day vulnerabilities
Apple released security updates to address three new zero-day vulnerabilities being exploited in the wild. These vulnerabilities are associated with WebKit and covers different intrusion methods. Barracuda MSP recommends applying the latest security updates from Apple to resolve these vulnerabilities....
Cybersecurity Threat Advisory: Cisco Small Business Switches remote attack vulnerabilities
Multiple vulnerabilities have been discovered in Cisco Small Business routers, allowing bad actors to remotely execute arbitrary code with root privileges on an affected device and cause a denial of service (DoS) condition. These vulnerabilities are due to improper validation of requests...
Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited
A new vulnerability, CVE-2023-27350, has been discovered which affects PaperCut MF and NG print management software. Successful exploitation of the vulnerability would allow attackers to access sensitive user information (usernames, email addresses, office/department information, and card numbers) without authentication. A...
Cybersecurity Threat Advisory: EvilExtractor malware surge detected
EvilExtractor malware has spiked in Europe and the US. EvilExtractor is distributed through phishing campaigns and can harvest various types of data, including browser history, passwords, and cryptocurrency wallets. This is a concern because of the malware’s ability to evade...
Cybersecurity Threat Advisory: New QBot malware delivering campaigns discovered
A new QBot malware campaign has been discovered. Using hijacked business emails, bad actors are distributing PDF and WSF file formats in reply-chain phishing emails to distribute malware. The campaign is designed to steal sensitive data from the target system,...
Cybersecurity Threat Advisory: 3CX supply chain attack updates
This is a follow-up to the 3CX supply chain attack threat advisory. A malware was found in the 3CX VoIP Desktop Application, which has been delivered to users through legitimate 3CX updates. 3CX has since released security updates, and below...
Cybersecurity Threat Advisory: Supply chain attack compromised 3CXDesktopApp
A recent compromise has caused trojanized versions of the 3CXDesktopApp executable to be distributed on 3CX’s website as well as pushed through updates. The malicious version of the 3CX application is used to sideload malicious .DLL files. These .DLL files...
Cybersecurity Threat Advisory: Microsoft Outlook elevation of privilege vulnerability
Last week, Microsoft Threat Intelligence discovered a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook that allows for New Technology LAN Manager (NTLM) credentials to be stolen. Threat actors can potentially authenticate, escalate privileges, and gain access to the...
Cybersecurity Threat Advisory: New Fortinet vulnerability
Fortinet has released information concerning a FortiOS & FortiProxy Heap Buffer administrative interface vulnerability with a CVSS score of 9.3. The vulnerability allows an unauthenticated attacker to execute commands on the device and/or perform a denial-of-service (DoS) attack on the...
