Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Maze Ransomware Hits Cognizant
Advisory Overview Cognizant was recently hit by the Maze ransomware. Maze is known for publicly shaming companies by leaking their data online until they pay a ransom, limiting the efficacy of backups in mitigating damage. The exact attack vector is...
Cybersecurity Threat Advisory: Hackers Targeting Microsoft SQL Servers
Advisory Overview A new brute force hacking campaign called “Vollgar” targets Microsoft SQL Servers with weak passwords. The campaigns installs a malicious payload to steal information, remote control, and hide its own activity. SKOUT has provided a link to a...
Cybersecurity Threat Advisory: Critical VMware Bug (CVE 2020-3952)
Advisory Overview There is a high severity vulnerability in VMware vCenter which could allow an attacker the ability to compromise all virtual machines on a server. The critical flaw scored a 10 out of 10 on the Common Vulnerability Scoring...
Cybersecurity Threat Advisory: Zoom Vulnerabilities and Zoom Bombing
Advisory Overview After a recent spike in usage due to global social distancing guidelines, multiple vulnerabilities have been discovered in Zoom. In addition, the ever growing userbase is seeing a rise in the number of “Zoom Bombing” attacks. These threats...
Cybersecurity Threat Advisory: Cyber Criminals Target Zoom Domains
Advisory Overview With the vast increase in the number of employees working remotely due to COVID-19, malicious actors are attempting to exploit uninformed users with fraudulent sites and applications. The nature of these attempts varies, but overwhelmingly rely on a...
Cybersecurity Threat Advisory: Windows GDI+ RCE Vulnerability (CVE-2020-0881)
Advisory Overview Multiple versions of Windows are affected by a new RCE vulnerability. Supported operating systems like Widows 8, 10, Server 2012, and Server 2016 were issued a patch normally on March 10th, but Windows 7 and Server 2008 were...
Cybersecurity Threat Advisory: Healthcare Facilities Targeted During COVID-19 Outbreak
Advisory Overview One of the Czech Republic’s biggest hospitals has been hit with a cyber-attack amid COVID-19 testing. Healthcare facilities, especially hospitals are advised to be on high alert. SKOUT recommends all organizations to be extra cautious during this time...
Cybersecurity Threat Advisory: COVID-19 Live Map Downloads Delivering Malware
Threat Overview There has been an increase in cyber criminals weaponizing fears concerning the Coronavirus to deliver malware. Delivery of this malware is done largely through spam email campaigns where users receive emails with deceptive text and attached files (usually...
Cybersecurity Threat Advisory: SMBGhost (CVE-2020-0796)
Advisory Overview Microsoft has released a patch outside their regular cycle for Microsoft Windows 10 & Windows Server within SMB, a commonly utilized Windows protocol. The vulnerability allows a threat actor to execute code on the target server or client...
Cybersecurity Threat Advisory: ManageEngine RCE (CVE-2020-10189)
Advisory Overview Zoho ManageEngine Desktop Central is vulnerable to Remote Code Execution (RCE). The vulnerability could potentially allow an attacker to execute arbitrary code as SYSTEM or root, without the need for authentication. SKOUT recommends updating ManageEngine Desktop Central to...
