Tag: threat advisory

Cybersecurity Threat Advisory: SonicWall critical vulnerability

Cybersecurity Threat Advisory: SonicWall critical vulnerability

SonicWall has recently addressed the critical vulnerability, CVE-2022-22280, that has a severity rating of 9.4. This vulnerability impacts SonicWall Global Management System (GMS) and its Analytics On-Prem. Upon exploit, the vulnerability allows malicious actors to perform unauthenticated SQL injection due...

/ July 25, 2022
Cybersecurity Threat Advisory: “Wiper” malware emerges amid Russia-Ukraine conflict

Cybersecurity Threat Advisory: “Wiper” malware emerges amid Russia-Ukraine conflict

Amid the escalating geopolitical conflict between Russia and Ukraine, multiple Ukrainian organizations have fallen victim to a destructive “wiper” malware operation that damages a system’s master boot record (MBR) and destroys the contents of targeted files. These attacks are ongoing,...

/ February 25, 2022
Cybersecurity Threat Advisory: Heightened threat activity expected as global conflicts surge

Cybersecurity Threat Advisory: Heightened threat activity expected as global conflicts surge

As tensions continue to rise between Russia and Ukraine, threat actors have targeted both the Ukrainian government and other Ukrainian organizations. Denial-of-Service (DoS) attacks took down the Ukrainian Defense Ministry and Military’s websites. Similar attacks were deployed against PrivatBank and...

/ February 24, 2022
Cybersecurity Threat Advisory: Second Log4j vulnerability patch released

Cybersecurity Threat Advisory: Second Log4j vulnerability patch released

As we know, a significant Log4j Remote Code Execution (RCE) vulnerability has had a patch released and tracked as CVE-2021-44228. However, the patch was not entirely effective at mitigating the risk due to CVE-2021-45046, the lack of completion in some...

/ December 17, 2021
Barracuda Networks and Apache Log4j vulnerability

Barracuda Networks and Apache Log4j vulnerability

The Log4j vulnerability has recently made headlines around the world. Concerns around this vulnerability center on the fact that an attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message...

/ December 16, 2021
Cybersecurity Threat Advisory: Critical Java Zero-Day Vulnerability

Cybersecurity Threat Advisory: Critical Java Zero-Day Vulnerability

A critical remote code vulnerability has emerged in Log4j, a Java Logging package that is used in a number of software products and platforms from organizations like Apache, Apple, Twitter, Tesla and Steam. This vulnerability impacts almost every Java application...

/ December 10, 2021
Cybersecurity Threat Advisory: Cyber Threats Targeting Consumers During Holiday Season

Cybersecurity Threat Advisory: Cyber Threats Targeting Consumers During Holiday Season

The holiday season is once again upon us, and with it comes the busiest time of the year for shopping and traveling. Specifically, from late November to early January of the new year is a time where attackers will be...

/ December 6, 2021
Cybersecurity Threat Advisory: BlackMatter Ransomware

Cybersecurity Threat Advisory: BlackMatter Ransomware

The FBI, CISA, and NSA have released a joint advisory about the BlackMatter Ransomware gang. This group has been gaining traction with their attacks since July 2021 and claims to be the successor of the Darkside and REvil ransomware groups....

/ November 9, 2021
Cybersecurity Threat Advisory: The recent Facebook outage

Cybersecurity Threat Advisory: The recent Facebook outage

On October 4, 2021, the global social network Facebook and its associated platforms faced a global outage that lasted approximately six hours. This outage not only impacted all Facebook users, but it also blocked internal communication between its employees and...

/ October 11, 2021 / 1 Comment
Cybersecurity Threat Advisory: Office 365 Zero-Day Attacks

Cybersecurity Threat Advisory: Office 365 Zero-Day Attacks

Microsoft has released a mitigation for a vulnerability which exists on Windows 10 and can be exploited to launch zero-day attacks against Office 365 and Office 2019. Identified as CVE-2021-40444, this vulnerability could allow attackers to execute arbitrary code on...

/ September 27, 2021