Security News

​

​

Maui Ransomware being use in HPH attacks

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

CISA, in a coauthored statement, has released the top routinely exploited vulnerabilities of 2021.

Per CISA- Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

On Friday, April 15th, Cisco released an advisory to warn of the vulnerability tracked as CVE 2022-20695 (CVSS V3 Score 10.0)

Microsoft Patch Tuesday Updates

In early April, the FBI remotely accessed and disinfected US located devices infected with a new botnet malware attributed to the Russian State hacking outfit, Sandworm. The infected devices were primarily firewall devices from WatchGuard and Asus.

A POC exploit for VMware has been released taking advantage of an existing RCE vulnerability (CVE 2022-22954 ) currently being used to infect the servers of coin miners. At least one working exploit has been released on Twitter.

On March 25th, Google released an update to fix a vulnerability in its Chrome Browser that was actively being exploited.

A critical security vulnerability has appeared in the Spring Cloud function which could allow for RCE (remote code execution). As with Log4Shell, the newly dubbed Spring4Shell is another collection of Java Vulnerabilities.

Russian State Sponsored Threats to the Energy Sector

CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Data extortion group Lapsus$ has breached Microsoft and Okta.

Veeam has released patches for two critical issues impacting Backup and Replication which provides backup and restore capabilities for virtual environments running on Hyper-V, vSphere, and Nutanix AHV, as well as for servers and workstations, and for cloud-based workloads.

Wiper Targets multiple Ukrainian Organizations

A Lua-based malware/phishing campaign (likely nation-state sponsored), which utilizes compromised Ukrainian armed service member’s email accounts to target European Union government personnel that are involved in managing the logistics of refugees fleeing Ukraine has emerged.

Microsoft Threat Intelligence Center (MSTIC) has identified a new malware being called FoxBlade.

​