Three zero-days addressed in Microsoft’s May 2022 Patch Tuesday
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Microsoft addressed 74 vulnerabilities in their May 2022 Patch Tuesday Security Update. Three of them are zero-days, and one is being exploited in the wild. The LSA Spoofing vulnerability (CVE-2022-26925) is actively exploited in …
Have you patched this actively exploited BIG-IP vulnerability?
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Last week, F5 patched a vulnerability tracked as CVE-2022-1388, soon after a successful Proof-of-concept(PoC) was developed by security researchers making it susceptible to further exploitation. This authentication bypass vulnerability affects the iControl REST component …
Weekly Threat Digest: 18 – 24 April 2022
For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 430 5 2 Worldwide 17 46 The fourth week of April 2022 witnessed the discovery of 430 vulnerabilities out of which 5 gained …
Newly patched VMware vulnerability exploited by Iranian espionage group, Rocket Kitten
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as Rocket Kitten has began delivering the Core Impact penetration testing tool on susceptible computers by exploiting a newly fixed severe vulnerability in VMware Workspace ONE Access/Identity Manager …
What will be the consequence of this disputed vulnerability in 7-ZIP?
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The zero-day vulnerability in 7- Zip software, tracked as CVE-2022-29072 is marked as disputed by the National Vulnerability Database(NVD), and sparked discussions over its consequences. This started when a researcher published a proof-of-concept (POC) …
Bypass Authentication vulnerability in Atlassian Jira Seraph
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Atlassian has addressed a vulnerability in its Jira Seraph software, tracked as CVE-2022-0540. An unauthenticated attacker can use to bypass authentication. By submitting a specially crafted HTTP request to the affected software, a threat …
Hive Ransomware targets organizations with ProxyShell exploit
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Hive Ransomware has been active since its discovery in June 2021, and it is constantly deploying different backdoors, including the Cobalt Strike beacon, on Microsoft Exchange servers that are vulnerable to ProxyShell (CVE-2021-31207, CVE-2021-34473 …
Lazarus is back, targeting organizations with cryptocurrency thefts via TraderTraitor malware
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) have issued a joint Cybersecurity Advisory(CSA) to make organizations in the blockchain technology and cryptocurrency …
Weekly Threat Digest: 11 – 17 April 2022
For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 765 14 1 2 6 25 The third week of April 2022 witnessed a huge spike on the discovery of 765 vulnerabilities out …
Two Vulnerabilities discovered in AWS Client VPN
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Two flaws have been discovered in the AWS VPN Client. One of them (CVE-2022-25166) was discovered due to a time-of-check to time-of-use (TOCTOU) condition, which could lead to privilege escalation. Another vulnerability (CVE-2022-25165) could …