Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Teams Account Takeover Vulnerability
Advisory Overview Unpatched versions of Microsoft Teams are potentially vulnerable to an account takeover attack using GIF files or links. SKOUT advises updating Microsoft teams to the latest version. In addition, organizations should review access control, phishing training, and social...
Cybersecurity Threat Advisory: Office 365 Security Recommendations from CISA
Advisory Overview The United States Cybersecurity and Infrastructure Security Agency (CISA) released an alert detailing possible security risks in Office 365 and ways to mitigate them. CISA mentions that security risks may be amplified due to the rapid movement to...
Cybersecurity Threat Advisory: Sophos Firewall Zero-Day (CVE-2020-12271)
Advisory Overview Unpatched versions of Sophos XG Firewalls are potentially vulnerable to SQL Injection attacks. Sophos pushed out an automatic update, but some devices may need to be manually patched or rebooted for the changes to take effect. Specific guidance...
Cybersecurity Threat Advisory: Hackers Still Exploiting COVID-19
Advisory Overview Hacking groups are still exploiting the COVID-19 pandemic as an opportunity to perform cyber-attacks. The United States’ CISA and the United Kingdom’s NCSC teamed up to issue a joint alert to the top threats. Recommendations are focused on...
Cybersecurity Threat Advisory: RagnarLocker Ransomware Hits EDP Energy Giant
Advisory Overview Energy giant EDP was recently hit with RagnarLocker ransomware. The hacking group claiming responsibility is threatening to leak 10 TB of stolen data online, including personal information such as a password manager database if a ransom of almost...
Cybersecurity Threat Advisory: Maze Ransomware Hits Cognizant
Advisory Overview Cognizant was recently hit by the Maze ransomware. Maze is known for publicly shaming companies by leaking their data online until they pay a ransom, limiting the efficacy of backups in mitigating damage. The exact attack vector is...
Cybersecurity Threat Advisory: Hackers Targeting Microsoft SQL Servers
Advisory Overview A new brute force hacking campaign called “Vollgar” targets Microsoft SQL Servers with weak passwords. The campaigns installs a malicious payload to steal information, remote control, and hide its own activity. SKOUT has provided a link to a...
Cybersecurity Threat Advisory: Critical VMware Bug (CVE 2020-3952)
Advisory Overview There is a high severity vulnerability in VMware vCenter which could allow an attacker the ability to compromise all virtual machines on a server. The critical flaw scored a 10 out of 10 on the Common Vulnerability Scoring...
Cybersecurity Threat Advisory: Zoom Vulnerabilities and Zoom Bombing
Advisory Overview After a recent spike in usage due to global social distancing guidelines, multiple vulnerabilities have been discovered in Zoom. In addition, the ever growing userbase is seeing a rise in the number of “Zoom Bombing” attacks. These threats...
Cybersecurity Threat Advisory: Cyber Criminals Target Zoom Domains
Advisory Overview With the vast increase in the number of employees working remotely due to COVID-19, malicious actors are attempting to exploit uninformed users with fraudulent sites and applications. The nature of these attempts varies, but overwhelmingly rely on a...
