Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Buffer Overflow Leads to Partial Memory Leak
Threat Update On June 23, security researchers reported that SonicWall’s stack-based buffer overflow vulnerability from late last year was only partially patched, yielding another attack vector for unpatched systems. A threat actor can send malicious requests to the firewall to...
Cybersecurity Threat Advisory: Wormable Ransomware Targeting Linux and Docker instances
Threat Update A new ransomware built in Bash has been discovered targeting Linux and Docker cloud containers. This malware has been given the name “DarkRadiation”. There is currently no known information about the delivery methods...
Cybersecurity Threat Advisory: Critical XXE Vulnerability Discovered in ConnectWise Automate
Threat Update This month, it was discovered that ConnectWise Automate versions 2021.6.131 and prior are vulnerable to exploits that allow threat actors to remotely execute code and access confidential data by performing XML external entity (XXE) injection attacks. The severity...
Cybersecurity Threat Advisory: Botnets Version Hunting Perimeter Devices
Threat Update Threat actors have been seen in the wild scanning for perimeter devices that are running vulnerable firmware and have not been updated to patch those vulnerabilities. Perimeter devices (such as firewalls, intrusion detection/prevention systems, and...
Cybersecurity Threat Advisory: ThroughTek P2P Supply Chain Vulnerability
Threat Update ThroughTek, a massive original equipment manufacturer (OEM) supplier, has been made aware of a software vulnerability involving IP cameras with P2P connections. The vulnerability could potentially allow unauthorized access to sensitive information via camera audio/video feeds. SKOUT...
Cybersecurity Threat Advisory: Malware Targeting Kubernetes Clusters and Windows Containers
Threat Update A new malware dubbed ‘Siloscape’, first discovered in March, is actively targeting Kubernetes clusters via Windows containers. This malware has the potential to compromise an entire Kubernetes cluster. SKOUT recommends ensuring all clusters are updated with the latest...
Cybersecurity Threat Advisory: Recent Security Updates for SAP
Threat Update Critical security updates for Adobe Acrobat and Adobe Reader have recently been released for both Mac OS and Windows. These updates are extremely important, as the vulnerabilities they address could lead to potential machine and network compromise. SKOUT recommends applying the...
Cybersecurity Threat Advisory: Recent Security Updates for Adobe Acrobat and Reader
Threat Update Critical security updates for many Adobe products have recently been released for both Mac OS and Windows. These updates are extremely important, as the vulnerabilities they address could lead to potential machine and network compromise. The most popular Adobe products, Acrobat...
Cybersecurity Threat Advisory: RCE Vulnerability in Siemens PLCs
Threat Update An unauthenticated remote code execution vulnerability has been detected in several Siemens PLC devices. An unauthenticated remote attacker with access to TCP port 102 could exploit this to read or write arbitrary code to protected memory areas. This...
Cybersecurity Threat Advisory: Increased Spear Phishing Activity of Nobelium Group
Threat Update Microsoft has actively been tracking a surge in spear phishing activity conducted by ‘Nobelium,’ the group behind the SUNBURST backdoor, TEARDROP and GoldMax malware. Technical Detail & Additional Information WHAT IS THE THREAT? The threat group ‘Nobelium’ has...
