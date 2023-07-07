On Thursday, CISA and the FBI released a joint advisory regarding hackers linked to the Truebot malware operation. Cybercriminals are exploiting a known vulnerability, CVE-2022-31199, in the Netwrix Auditor application to breach organizations in the United States and Canada.

Bishop Fox researchers discovered the issue one year ago and warned that servers running the Netwrix Auditor would be vulnerable to arbitrary code execution attacks. The company released Netwrix Auditor version 10.5 to its 11,500 customers, which patched the vulnerability. CISA now warns that hackers continue to exploit the issue a year later to deliver Truebot malware variants. The joint advisory warned that threat actors spread the malware via phishing campaigns with malign hyperlinks. The agency advises targeted businesses to closely manage remote access programs and utilize phishing-resistant multifactor authentication methods.

