Pro-Russian Hacktivists Preparing Cyber Attack on Western Financial Systems

Several pro-Russian hacktivist groups have declared that they plan to launch a large-scale cyber attack on the Western financial system within the next 48 hours. The three primary groups, KillNet, REvil and Anonymous Sudan, have formed an alliance to prepare and launch the attack. The alliance reportedly plans to carry out a distributed denial […]

Critical RCE Fortinet FortiGate Firewalls

Fortinet has released several patches to address a critical security vulnerability in its FortiGate firewalls and FortiProxy SSL-VPN that would allow a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is a heap-based buffer overflow vulnerability in SSL VPN devices in FortiOS […]

MOVEit Zero-Day Vulnerability

A critical zero-day vulnerability in secure file transfer software has been disclosed. The “MOVEit” file transfer application by Progress Software Corporation (Progress) has been assigned a critical CVE: CVE-2023-34362. Qualys has classified the CVSS base score as 10 and the CVSS 3.1 base as 9.8. The critical flaw entails a severe SQL injection vulnerability that has […]

Russian hackers target UK’s critical infrastructure

Russian hackers are actively looking to target Britain’s critical infrastructure, such as energy and water, with the goal to ‘disrupt or destroy’, a Cabinet Office minister has warned. Hacking groups from Russia have focussed their attention on the UK in recent months, Oliver Dowden mentioned in a speech. The National Cyber Security Centre (NCSC) has […]

Microsoft Outlook Elevation of Privilege – CVE-2023-23397

CVE-2023-23397 is an elevation of privilege vulnerability in Microsoft Outlook that was assigned a CVSSv3 score of 9.8, with reports that it is actively being exploited in the wild. The vulnerability can be exploited by sending a malicious email to a vulnerable version of Outlook with an extended MAPI property with a UNC path to […]

Microsoft SPNEGO NEGOEX Vulnerability

Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX (CVE-2022-37958) to a designation of “Critical” (maximum severity for their products): CVSS score 8.1. The CVE had previously been given a designation of “Important”: CVSS score of 7.5, but recent analysis of the patch identified that the vulnerability allowed remote code execution in a similar manner to […]

Microsoft Exchange Zero-Day

Security researchers have warned that a zero-day flaw in Microsoft’s Exchange server is being actively exploited. So far, we know that the Microsoft Exchange zero-day allows for remote code execution and that the attackers are chaining a pair of zero-days to deploy Chinese Chopper web shells on compromised hosts. The first vulnerability, identified as CVE-2022-41040, […]

SonicWall advisory: Patches for SSLVPN SMA1000 Devices

SonicWall SSLVPN SMA1000 series appliances are affected by the multiple vulnerabilities listed below; organisations running previous versions of SSLVPN SMA1000 series firmware should upgrade to new firmware release versions. There is no evidence that these vulnerabilities are being exploited in the wild.

Critical F5 BIG-IP bug

Multiple vulnerabilities have been found in F5’s BIG-IP network software (BIG-IP iControl REST) authentication. Disclosed last week, the bug, which is being tracked as CVE-2022-1388, affects multiple versions of the network management software. Patch ASAP! Although CVE-2022-1388 is a proof-of-concept (PoC), there is still a high chance that this vulnerability could expose thousands of users to a remote […]

Russian Intelligence Service

Russian Intelligence Service – Overview. Summary: The Russian Intelligence Service is made up of various departments, of which the main three are the Chief Intelligence Office/Military Intelligence (GRU), the Federal Security Service (FSB), and the Foreign Intelligence Service (SVR). With the war in Ukraine still ongoing, it is likely that Russia will continue to carry out cyber […]