Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities
Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...
Cybersecurity Threat Advisory: HelloKitty group targets Apache
This Cybersecurity Threat Advisory discusses a new critical security flaw that was discovered in the Apache ActiveMQ open-source message broker service. This security flaw can potentially result in remote code execution, which is currently being exploited by the HelloKitty ransomware...
Cybersecurity Threat Advisory: Atlassian confluence vulnerability
This Cybersecurity Threat Advisory highlights a new security flaw that has recently been discovered in Atlassian’s Confluence Data Center and Server, which could result in significant data loss if exploited. Tracked as CVE-2023-22518, this vulnerability is rated 9.1 out of...
Cybersecurity Threat Advisory: VMware critical code vulnerability
VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...
Cybersecurity Threat Advisory: Increased cyberattacks unveiled
This Cybersecurity Threat Advisory looks at a threat actor who is targeting various private sector entities in Israel. Read the recommendations below to implement a layered security approach to protect against these cyberattacks. What is the threat? Microsoft has unveiled...
Cybersecurity Threat Advisory: NetScaler vulnerability exploited
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability beginning in late August 2023. This vulnerability is identified to be exploited remotely and with no...
Cybersecurity Threat Advisory: HTTP/2 vulnerability
Amazon Web Services (AWS), Cloudflare, and Google announced measures to mitigate unprecedented distributed denial-of-service (DDoS) attacks that utilize an innovative HTTP/2 Rapid Reset technique. In this Cybersecurity Threat Advisory, learn the details of this threat, what the risks are, and...
Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability
This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...