Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows CryptoAPI Spoofing Vulnerability
Advisory Overview Multiple versions of Windows are susceptible to a spoofing vulnerability that could allow an attacker to modify TLS-encrypted communications or spoof an Authenticode signature. Microsoft has issued an update to fix the vulnerability which is available in the...
Cybersecurity Threat Advisory: Rise in Malicious Cyber Activity by Iranian Regime Actors
Advisory Overview There has been a rise in recent malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies, according to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...
Cybersecurity Threat Advisory: LifeLabs Cyberattack & Data Breach
Advisory Overview During October 2019 LifeLabs experienced a large-scale ransomware incident where attackers potentially gained access to various pieces of personal information for up to 15 million customers primarily within the British Columbia & Ontario areas of Canada. LifeLabs reportedly...
Cybersecurity Threat Advisory: Vulnerability in Two Citrix Devices (Updated Jan 30th 2020)
Update Threat actors are now exploiting this vulnerability to deploy ransomware on customers networks. Citrix has provided a patch for this vulnerability and SKOUT has seen successful exploitation of the vulnerability. Patching is not enough, researchers have found that threat...
Cybersecurity Threat Advisory: Data Leaks Due to Unsecured Cloud Environments
Advisory Overview There have been numerous data leaks recently due to misconfigured cloud environments, most notably ElasticSearch and Amazon S3. Gartner predicted that 95% of cloud security failures will be due to misconfigured clouds in 2020 earlier this year and...
Cybersecurity Threat Advisory: Windows Zero-Day Privilege Escalation Exploit
Advisory Overview Kaspersky has detected a Windows 0-day vulnerability which attackers are using in conjunction with a Google Chrome exploit to take control of unpatched systems. Last month Google patched Chrome for an exploit which allows attackers to hack visitors...
Cybersecurity Threat Advisory: Security Measures for the Holiday Season
Advisory Overview During the upcoming holiday season, SKOUT wants to ensure that our customers stay safe while traveling and are extra vigilant online. With holiday sale campaigns and donations to charities in full swing, the time is perfect for spam...
Cybersecurity Threat Advisory: Email Bombing
Advisory Overview Threat actors have recently increased attempts to take email servers offline by overloading the servers with thousands of email messages (known as “email bombing”). This attack is similar to a Denial of Service (DOS) attack, where hundreds of...
Cybersecurity Threat Advisory: McAfee Antivirus and Symantec Endpoint LPE Flaw
Advisory Overview Recently, both McAfee and Symantec anti-malware tools were discovered to have vulnerabilities that allowed a threat actor to overcome the protection systems that these tools typically provide. While the attack requires the threat actor to have Administrative privileges...
Cybersecurity Threat Advisory: Zombieload targeting 8th and 9th Generation Intel CPU’s
Advisory Overview As with several other exploits targeted at how Intel processors handle digital operations, “Zombieload” is an exploit used by threat actors to compromise information being processed by an Intel CPU. Some vulnerabilities allow a threat actor to steal...
