Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Threat Level – Amber | Vulnerability Report
Google addresses new vulnerabilities in Chrome
Google Chrome addresses nine vulnerabilities in its latest stable channel update for June 23, 2022 Threat Level – Red | Vulnerability Report
ToddyCat exploits unknown vulnerability in Microsoft Exchange servers to targets entities in Europe and Asia
ToddyCat, an APT group is deploying web shells by exploiting an unknown June 23, 2022 Threat Level – Red | Vulnerability Report
DriftingCloud exploits zero-day in Sophos firewall
The Chinese APT actor DriftingCloud exploits the RCE vulnerability in Sophos firewall June 22, 2022 Threat Level – Red | Vulnerability Report
New vulnerability allows attackers to takeover entire WordPress website
An unauthenticated attacker can call multiple methods in Ninja Forms class in June 21, 2022 Threat Level – Red | Vulnerability Report
Vulnerability in Zimbra that steals clear-text credentials from users
A new vulnerability in Zimbra allows an attacker to steal cleartext credentials June 21, 2022 Threat Level – Red | Vulnerability Report
Iranian APT targets Middle East’s Energy & Telecommunications industry
A new campaign has been launched by a state-sponsored Iranian APT group, June 20, 2022 Threat Level – Red | Vulnerability Report
GALLIUM targets Telecommunications sector using new PingPull tool
A new, difficult-to-detect remote access trojan known as PingPull has been discovered June 17, 2022 Threat Level – Amber | Vulnerability Report
Attackers can bypass authentication in Cisco SMA & ESA
An attacker can login into a web management interface of an affected June 17, 2022