MS Exchange Server Critical Vulnerabilities

Microsoft has issued out-of-band updates for zero-day vulnerabilities impacting on-premises Exchange Servers that are currently being exploited by at least one APT (advanced persistent threat) group, dubbed Hafnium. It is suspected that Hafnium has seized control of hundreds of thousands of MS Exchange Servers worldwide and has hacked at least 30,000 U.S. organizations. The […]

Chrome Zero Day Being Actively Exploited (Update Now)

Google has patched several critical vulnerabilities in Chrome, including one that is being actively exploited. These vulnerabilities are being tracked as CVE-2021-21166. The most severe of these vulnerabilities could allow for arbitrary code execution and the deletion or modification of data. Users are advised to update to version 89.0.4389.72 as soon as possible. For instructions […]

Phishing Campaigns Targeting Students With Pandemic & Pell Grant Funds

Please be advised of two phishing scams: one targets students with Pell Grant funds, and the other targets students with pandemic relief promises. The Pell Grant campaign commences with a text message, like the one shown below, which notifies students of a Pell Grant award and an urgent need to respond to a […]

COVID-19 Vaccine Scams

The FBI, the Department of Health & Human Services Office of the Attorney General (HHS-OIG), and the Centers for Medicaid and Medicare Services (CMS) have issued a joint warning about COVID-19 vaccine scams. What should you look out for? Ads promising early access to the vaccine upon payment of a fee or deposit. Out-of-pocket payment […]

APT Campaign Targeting Security Researchers Working on Vulnerability Research

Threat Analysis Group (TAG) reports that a nation-state-sponsored, a/k/a APT (advanced persistent threat), campaign has been targeting security researchers working on vulnerability research across multiple industries. The goal of this campaign appears to be intellectual property theft. To date, only actors targeting Windows systems have been observed. Social engineering tactics include: Establishing a […]

FTC Impersonation via “US Trading Commission” Website

The FTC warns of an impersonation scam wherein scammers, using a phishing website with familiar branding and dubbed “US Trading Commission”, attempt to lure victims with cash payments if their personal information has been exposed on the web. The goal of this phishing scam, which has popped up as a YouTube link with several different […]

Website Purports to Sell Data From MS, Cisco, FireEye & Related Updates

A newly launched SolarLeaks website claims to be selling data from companies known to have been breached in the recent supply chain attack. The site’s legitimacy has not been confirmed. The following data has been offered for sale on this site: Microsoft source code and repositories. Microsoft has confirmed that their source code was accessed. […]

CISA Alert on Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

CISA (Cybersecurity & Infrastructure Security Agency) has issued a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure and Private Sector Organizations. This alert focuses on activity that CISA attributes to attack vectors other than SolarWinds Orion. What CISA Has Seen: An APT (advanced persistent threat) actor using compromised applications in […]

NSA Releases Advisory on Detecting Abuse in Authentication Mechanisms

In response to the attempts of malicious actors to access/collect protected data via abuse of federated authentication environments, the NSA has issued an advisory entitled “Detecting Abuse in Authentication Mechanisms”. The advisory details two sets of known TTPs (tactics, techniques & procedures) that malicious actors are using to gain access to networks and cloud resources, […]

CISA Reports APT Compromise of Government Agencies, Critical Infrastructure & Private Sector Organizations

The Cybersecurity Infrastructure Agency (“CISA”) has issued a report stating that they are aware of compromises of U.S. government agencies, critical infrastructure entities and the private sector organized by an advanced persistent threat (“APT”) nation-state actor dating back to March of this year. Please see the above-referenced report for a list of SolarWinds affected products, […]