Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Spear-Phishing Campaign Spreading Hakbit Ransomware
Advisory Overview A spear-phishing campaign targeting various industries is utilizing malicious Microsoft Excel attachments to infect users with the “GuLoader” backdoor trojan. The threat actors then proceed to use GuLoader to download “Hakbit” ransomware onto the infected device. Recommendations to...
Cybersecurity Threat Advisory: F5 Critical Vulnerability Exploited in Wild (CVE-2020-5902)
Advisory Overview A Remote Code Execution (RCE) vulnerability exists in the BIG-IP application delivery controller (ADC) software’s Traffic Management User Interface (TMUI). The vulnerability could allow an attacker to execute remote commands or arbitrary code without the need for authentication,...
Cybersecurity Threat Advisory: Ripple20 Vulnerabilities
Advisory Overview A series of nineteen vulnerabilities dubbed “Ripple20” have been identified in a large number of devices spanning multiple vendors and industries involving a widely used low-level TCP/IP software library developed by Treck, Inc. Exploited devices risk remote code...
Cybersecurity Threat Advisory: Palo Alto Networks Vulnerability
Advisory Overview Palo Alto Networks disclosed a critical vulnerability affecting all next-generation firewalls running certain versions of PAN-OS that could allow an attacker to bypass authentication. SKOUT recommends upgrading PAN-OS to a fixed version. Full recommendations and links are available below....
Cybersecurity Threat Advisory: Cisco WebEx Vulnerability (CVE-2020-3347)
Advisory Overview A vulnerability was recently reported in the Cisco WebEx Meetings Desktop App for Windows releases earlier than 40.4.12 and 40.6.0 that could allow an attacker to gain access to sensitive information such as usernames, authentication tokens, and meeting...
Cybersecurity Threat Advisory: SolarWinds RMM Vulnerability
Advisory Overview SolarWinds RMM has identified a vulnerability in versions 10.8.8 and earlier that could allow an attacker to target all devices running the Advanced Monitoring Agent. The attack could allow an attacker to download malware, modify data, and delete...
Cybersecurity Threat Advisory: VMware Cloud Director Flaws (CVE-2020-3956)
Advisory Overview VMware Cloud Director is potentially vulnerable to a remote code injection attack that would allow an attacker to view/modify databases and escalate privileges from organizational admin to system admin. SKOUT advises updating VMware Cloud Director to version 10.1.0...
Cybersecurity Threat Advisory: SAP Adaptive Server Enterprise Vulnerabilities
Advisory Overview Six critical vulnerabilities were recently disclosed in SAP Adaptive Server Enterprise that could allow hackers to execute arbitrary code, expose passwords, and elevate privileges. SKOUT recommends updating SAP ASE to the latest version. Technical detail and additional information...
Cybersecurity Threat Advisory: ConnectWise Automate Security Vulnerability
Advisory Overview ConnectWise issued a warning to its MSP customers about a security vulnerability found in Automate, a remote management platform, in which the API can be used by a remote user to make modifications to the Automate instance. Technical...
Cybersecurity Threat Advisory: Microsoft Releases Patch for Critical Vulnerability SMBleed
Advisory Overview Microsoft has released a patch for a critical vulnerability affecting the Server Message Block (SMB) protocol. This new vulnerability can be exploited to allow an attacker to leak information from kernel memory remotely and can be combined with additional...

