Security News
Jul 6, 2022
North Korean State-Sponsored Cyber Actors Use Ransomware to Target the HPH
Maui Ransomware being use in HPH attacks
Jun 7, 2022
CVE-2022-30190, known as "Follina"
Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability
Apr 27, 2022
CISA releases 2021 Top Routinely Exploited Vulnerabilities
CISA, in a coauthored statement, has released the top routinely exploited vulnerabilities of 2021.
Apr 20, 2022
Oracle Releases April 2022 Critical Patch Update
Per CISA- Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Apr 19, 2022
Cisco WLC Vulnerability Alert
On Friday, April 15th, Cisco released an advisory to warn of the vulnerability tracked as CVE 2022-20695 (CVSS V3 Score 10.0)
Apr 13, 2022
FBI disinfects devices with Cyclops Blink
In early April, the FBI remotely accessed and disinfected US located devices infected with a new botnet malware attributed to the Russian State hacking outfit, Sandworm. The infected devices were primarily firewall devices from WatchGuard and Asus.
Apr 13, 2022
VMware POC Exploit
A POC exploit for VMware has been released taking advantage of an existing RCE vulnerability (CVE 2022-22954 ) currently being used to infect the servers of coin miners. At least one working exploit has been released on Twitter.
Apr 1, 2022
Chrome 0 Day Vulnerability
On March 25th, Google released an update to fix a vulnerability in its Chrome Browser that was actively being exploited.
Mar 30, 2022
Spring4Shell
A critical security vulnerability has appeared in the Spring Cloud function which could allow for RCE (remote code execution). As with Log4Shell, the newly dubbed Spring4Shell is another collection of Java Vulnerabilities.
Mar 29, 2022
Alert (AA22-083A)- Russian State Sponsored Threats to the Energy Sector
Russian State Sponsored Threats to the Energy Sector
Mar 28, 2022
CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog
CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog
Mar 14, 2022
Veeam Backup & Replication Issue
Veeam has released patches for two critical issues impacting Backup and Replication which provides backup and restore capabilities for virtual environments running on Hyper-V, vSphere, and Nutanix AHV, as well as for servers and workstations, and for cloud-based workloads.
Feb 28, 2022
FoxBlade Malware
Microsoft Threat Intelligence Center (MSTIC) has identified a new malware being called FoxBlade.
Feb 28, 2022
IsaacWiper and HermeticWizard (aka KillDisk)
Wiper Targets multiple Ukrainian Organizations
Feb 28, 2022
SunSeed
A Lua-based malware/phishing campaign (likely nation-state sponsored), which utilizes compromised Ukrainian armed service member’s email accounts to target European Union government personnel that are involved in managing the logistics of refugees fleeing Ukraine has emerged.