Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Android zero-day exploit found
This Cybersecurity Threat Advisory involves a critical zero-day vulnerability affecting Android devices, tracked as CVE-2023-35674, posing a significant threat to Android users. This vulnerability allows malicious actors to execute arbitrary code remotely, potentially compromising sensitive user data and device functionality....
Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Apple’s PassKit
Today’s Cybersecurity Threat Advisory involves Apple, who recently released critical updates for iPhone and Mac products after two zero-day vulnerabilities were discovered in their PassKit framework via iMessage. Both vulnerabilities allow malicious actors to perform arbitrary code execution on devices...
Cybersecurity Threat Advisory: New VMware Aria vulnerability identified
Today’s Cybersecurity Threat Advisory highlights an SSH authentication bypass flaw, identified as CVE-2023-34039, which has been discovered in VMware Aria. It has a severity rating of “critical” and a CVSS v3 scope of 9.8. This vulnerability allows remote attackers to...
Cybersecurity Threat Advisory: Social engineering attacks targeting Okta
Today’s Cybersecurity Threat Advisory highlights Okta, who in recent weeks has experienced social engineering attacks by threat actors looking to attain highly privileged roles within Okta’s accounts. The company has warned about social engineering attacks targeting IT service desk agents...
Cybersecurity Threat Advisory: Vulnerabilities found in Juniper firewalls
Today’s Cybersecurity Threat Advisory involves proof-of-concept exploit code that has been publicly released in Juniper SRX firewalls. Using the proof-of-concept exploit code can allow unauthenticated attackers access to remotely execute code in unpatched Juniper JunOS devices. This news comes after...
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered
In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...
Cybersecurity Threat Advisory: XLoader malware targeting macOS
Today’s Cybersecurity Threat Advisory sheds light on a resurgence of XLoader malware in the wild targeting macOS systems as a disguised “OfficeNote” application. This trojan leverages social engineering tactics to entice users into downloading and executing the malicious app that...
Cybersecurity Threat Advisory: New Microsoft support scam
The latest Cybersecurity Threat Advisory highlights the new false advertisement for Amazon through Google search engine. The advertisement redirects users to a Microsoft Defender support scam that locks up their browser. Barracuda MSP recommends avoiding clicking on any “Sponsored” result...
Cybersecurity Threat Advisory: Global ransomware campaign targeting MSPs
In the latest Cybersecurity Threat Advisory, we discuss The Play Ransomware Group, also known as PlayCrypt, who are currently waging a global cyberattack campaign against multiple managed service providers (MSPs). Their primary targets are midsize businesses in sectors like finance,...
Cybersecurity Threat Advisory: Citrix NetScaler servers actively being exploited
This Cybersecurity Threat Advisory highlights the nearly 2,000 Citrix NetScaler servers have been compromised through a sophisticated hacking campaign. The attackers exploited a critical vulnerability, CVE-2023-3519, to implant web shells on the targeted servers. This poses a severe threat as...
