Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft ADFS Multi-Factor Authentication Bypass
What is the Issue? A vulnerability was discovered in the way multi factor authentication requests are handled by Microsoft’s Active Directory Federation Services (ADFS). It appears that an attacker can compromise a user’s account by bypassing the multi-factor token request....
Cybersecurity Threat Advisory: Bitcoin Blackmail Ransom Emails
What is the Issue? Cyber criminals are sending Bitcoin ransom emails that are attempting to blackmail users into paying ransoms based on leaked password being exposed. These cyber criminals create false narratives that attempt to blackmail you by claiming they...
Cybersecurity Threat Advisory: Drupal, Symfony Component Vulnerability
What is the Issue? Drupal, a free and open source platform that provides an easy framework for creating websites, discovered a vulnerability in its library (called Symfony) that could give cyber attackers access to caches and servers. The vulnerability could...
Cybersecurity Threat Advisory: North Korean Trojan: KEYMARBLE
What is the Issue? A group of security researchers has discovered a new variant of the Spectre attack that allows attackers to steal critical information from targets via network connections. Dubbed ‘NetSpectre’, the new attack improves upon its predecessor in...
Cybersecurity Threat Advisory: NetSpectre Attack can Steal CPU Secrets
What is the Issue? A group of security researchers has discovered a new variant of the Spectre attack that allows attackers to steal critical information from targets via network connections. Dubbed ‘NetSpectre’, the new attack improves upon its predecessor in...
Cybersecurity Threat Advisory: Hidden Malware Inside Images on GoogleUserContent
What is the Issue: Security researchers have discovered a new attack technique utilizing downloadable images from GoogleUserContent sites such as Google+ and blogger forums. Downloaded images can execute scripts that establish backdoors that have long term access to a system...
Cybersecurity Threat Advisory: Windows Desktop Shortcut Hijack
What is the Issue: Security researchers have discovered a new attack technique utilizing Microsoft Word, macros and your desktop shortcuts. Utilizing a malicious macro embedded within a Word document, desktop shortcuts are modified to download malware when you click on...
Cybersecurity Threat Advisory: Unprotected Marketing Database Exposes PII
What is the Issue? On June 27th, an unprotected database belonging to a marketing firm containing 340 million records exposed to the internet was discovered. The database was found by an independent research firm. Why is this noteworthy? The unprotected...
Cybersecurity Threat Advisory: Necurs Malware Bypassing Conventional Detection Methods
What is the Issue? It has been discovered by Trend Micro that the Necurs malware, which was previously revealed as an internet shortcut, has now been found under the veil of the internet query file. These files innocently and typically...
Cybersecurity Threat Advisory: Mylobot Malware Brings New Sophistication to Botnets
What is the Issue? Researchers have discovered a New Windows malware whose origin traces back to the ‘Dark Web.’ The malware, dubbed Mylobot, pulls together a variety of strategies and techniques to gain a foothold on its targets and remain...
