Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Lenovo-EMC Device Storage Leak Vulnerability
Advisory Overview Several different Lenovo-EMC Network Attached Storage (NAS) devices – including those from the Iomega NAS device line – have critical vulnerabilities that must be patched. These devices, if left unpatched, have the ability to allow a threat actor...
Cybersecurity Threat Advisory: Zoom Conferencing Software Vulnerability Disclosure
What is the threat As reported by security researcher Johnathan Leitschuh via his Medium account, current Zoom Conferencing client software versions on Macintosh systems have a known vulnerability that allows a malicious actor to force-join a user to a new...
Cybersecurity Threat Advisory: Threat Actors Have Obtained Cellular Network Customer Data
What is the threat? A long-term, focused theft of call detail records from hacked cell network providers has been uncovered by a group of cybersecurity researchers. Threat actors stole massive amounts of call detail records including – but not limited...
Cybersecurity Threat Advisory: Microsoft Excel Power Query Vulnerability
What is the threat? A feature in Microsoft Excel called Power Query is vulnerable to attack by threat actors leveraging the way this feature accesses data outside the spreadsheet that it resides in. Power Query is a legitimate feature; which...
Cybersecurity Threat Advisory: Ransomware Gang Hacks MSPs to Deploy Ransomware to Customers
What is the threat? A group of threat actors has targeted customers of Managed Service Providers (MSPs) using Remote Desktop Protocol (RDP) to provide remote assistance and technical support. In this case, the threat actors specifically targeted the SecureAnyware technology...
Cybersecurity Threat Advisory: Healthcare Providers Fall Victim to Ransomware Attacks
What is the threat? There has been a significant increase in ransomware attacks in recent months and the healthcare industry appears to be the prime target for these hackers. SKOUT CYBERSECURITY is tracking a recent trend where medical providers and...
Cybersecurity Threat Advisory: DNSpionage Malware Finds New Way to Avoid Detection.
What is the threat? An attack campaign called DNSpionage – first detected in November 2018 – has recently resurfaced with new attack vectors and methodologies. This attack campaign redirects users via unauthorized DNS modification to malicious versions of job posting...
Cybersecurity Threat Advisory: AMCA Healthcare Hack
What is the threat? The compromise of the American Medical Collection Agency (AMCA), a third-party bill collection vendor, has potentially impacted the personal data of over 20 million patients across three laboratory services providers. Why is this noteworthy? Personal data...
Cybersecurity Threat Advisory: APT Group Uses Text-Based Steganography Attack Technique
What is the threat? On June 5, Kaspersky researchers revealed a highly sophisticated cyberespionage campaign by the advanced persistent threat (APT) group “Platinum” which employs new text-based steganography techniques to obscure their communication and install malware and a backdoor on...
Cybersecurity Threat Advisory: Malware Campaign Targets Certain Windows Servers
What is the threat? A recent malware campaign is targeting Windows MS-SQL and PHPMyAdmin based servers using different techniques. According to Guardicore Labs, the malware has breached over 50,000 servers that belong to companies in the healthcare, telecommunications, media and...
