Microsoft Exchange Zero-Day
Security researchers have warned that a zero-day flaw in Microsoft’s Exchange server is being actively exploited. So far, we know that the Microsoft Exchange zero-day allows for remote code execution and that the attackers are chaining a pair of zero-days to deploy Chinese Chopper web shells on compromised hosts. The first vulnerability, identified as CVE-2022-41040, […]
SonicWall advisory: Patches for SSLVPN SMA1000 Devices
SonicWall SSLVPN SMA1000 series appliances are affected by the multiple vulnerabilities listed below; organisations running previous versions of SSLVPN SMA1000 series firmware should upgrade to new firmware release versions. Affected Products: There is no evidence that these vulnerabilities are being exploited in the wild. Sources:https://thehackernews.com/2022/05/sonicwall-releases-patches-for-new.html
Critical F5 BIG-IP bug
Multiple vulnerabilities have been found in the F5’s BIG-IP network software (BIG-IP iControl REST) authentication. Disclosed last week, the bug affects multiple versions of the network management software, which is being tracked as CVE-2022-1388. Patch ASAP! Although CVE-2022-1388 is a proof-of-concept (PoC), there is still a high chance that this vulnerability could expose thousands of users to a remote […]
Russian Intelligence Service
Russian Intelligence Service – Overview Summary The Russian Intelligence Service is made up of various departments, of which the main three are, Chief Intelligence Office/Military Intelligence (GRU), Federal Security Service (FSB), and the Foreign Intelligence Service (SVR). With the war in Ukraine still operational, it is likely that Russia will continue to carry out cyber […]
North Korean Lazarus Group targeting Blockchain Companies
The North Korean (DPRK) state-sponsored hacking group known as Lazarus continues to target blockchain and cryptocurrency organisations. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the US Treasury department warned of “malicious” cyber threats from state-sponsored threat actors. The main one being Lazarus. Their goal is simple: to find vulnerabilities within crypto technology firms, […]
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a report warning of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS), supervisory control, and data acquisition (SCADA) devices. The custom-made tools are specifically designed to single out Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open […]
Spring4Shell Vulnerability
Executive Summary: A new zero-day vulnerability in the Spring Core Java framework dubbed ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote-code execution on applications. Spring by VMware is a very popular application framework that allows software developers to quickly and easily develop Java applications with enterprise-level features. These applications can then be deployed on servers, such as Apache Tomcat, as […]
Russia-Ukraine Malicious Cyber Activity
The Ukrainian government confirmed yesterday afternoon that another large-scale cyber attack is taking place; this is less than a week since websites were last targeted in a similar attack. “We’ve not seen something [like this] that’s taken it to a completely different level,” an official told the BBC. This large-scale cyber attack preceded Russia’s invasion […]
Russia-Ukraine Tensions Escalate
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is encouraging increased cyber security awareness in a new “Shields Up” advisory released last week as tensions escalate between Ukraine and Russia. Russia has threatened new invasions against Ukraine as an escalation of the Russo-Ukrainian War that began in 2014. The cyber security implications of these threats have already been […]
Major SAP Vulnerability
Priority: High – CVSS 10 Executive Summary: German enterprise software maker SAP and the US Cybersecurity and Infrastructure Security Agency issued security advisories on Tuesday 8th February to warn SAP customers to install the company’s February security patches as soon as possible in order to prevent the exploitation of a major vulnerability in a ubiquitous SAP component. Tracked as CVE-2022-22536, the vulnerability […]