Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: Sodinokibi Ransomware
Advisory Overview: We have previously issued advisories on Sodinokibi Ransomware in Threat Advisory 0034-19 and Threat Advisory 0021-19. The same strain recently hit the Colorado-based MSP Synoptek and the foreign currency exchange Travelex. Sodinokibi has been particularly damaging and...

Cybersecurity Threat Advisory: SIM Swapping Fraud
Advisory Overview: There has been an increase in targeted attacks using SIM swapping as a method to gain access to victims' private data such as banking information, credit card information, and personally identifiable information. We advise taking extra precautions to secure...

Cybersecurity Threat Advisory: RSA SecurID 2FA Bypass
Advisory Overview: Malicious actors have found a way to bypass 2FA for VPN accounts that were secured with RSA SecurID. RSA considers the scenario to be against recommended deployment practices rather than a security vulnerability. They continued to say that...

Cybersecurity Threat Advisory: Windows 7 End of Life
Advisory Overview: Windows 7 reached end of life on January 14th, 2020. Users who fail to upgrade leave themselves vulnerable to newly discovered malware and remote code execution attacks, as Microsoft will no longer provide security fixes for these...

Cybersecurity Threat Advisory: Windows CryptoAPI Spoofing Vulnerability
Advisory Overview: Multiple versions of Windows are susceptible to a spoofing vulnerability that could allow an attacker to modify TLS-encrypted communications or spoof an Authenticode signature. Microsoft has issued an update to fix the vulnerability, which is available in the...

Cybersecurity Threat Advisory: Rise in Malicious Cyber Activity by Iranian Regime Actors
Advisory Overview: There has been a rise in recent malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies, according to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...

Cybersecurity Threat Advisory: LifeLabs Cyberattack & Data Breach
Advisory Overview: During October 2019, LifeLabs experienced a large-scale ransomware incident in which attackers potentially gained access to various pieces of personal information for up to 15 million customers, primarily within the British Columbia & Ontario areas of Canada. LifeLabs reportedly...

Cybersecurity Threat Advisory: Vulnerability in Two Citrix Devices (Updated Jan 30th 2020)
Update: Threat actors are now exploiting this vulnerability to deploy ransomware on customers' networks. Citrix has provided a patch for this vulnerability and SKOUT has seen successful exploitation of the vulnerability. Patching is not enough; researchers have found that threat...

Cybersecurity Threat Advisory: Data Leaks Due to Unsecured Cloud Environments
Advisory Overview: There have been numerous data leaks recently due to misconfigured cloud environments, most notably ElasticSearch and Amazon S3. Earlier this year, Gartner predicted that 95% of cloud security failures will be due to misconfigured clouds in 2020 and...

Cybersecurity Threat Advisory: Windows Zero-Day Privilege Escalation Exploit
Advisory Overview: Kaspersky has detected a Windows 0-day vulnerability which attackers are using in conjunction with a Google Chrome exploit to take control of unpatched systems. Last month Google patched Chrome for an exploit which allows attackers to hack visitors...