06 Jul 2021

REvil Group Demands $70 Million for ‘Universal Decryptor’

REvil, the group behind the damaging supply chain ransomware attack on the US software company Kaseya, has reportedly demanded $70 million in return for a universal decryption key. Researchers claim that there could be as many as 1,500 companies impacted globally. It is unclear which ransomware affiliate was used to

06 Jul 2021

Widespread Brute-Force Attacks Tied to Russia’s APT28

US and UK authorities have declared that a known advanced threat actor, APT28, also referred to as Fancy Bear or Strontium, has been tied to a range of brute-force password spraying attacks against hundreds of government and private sector targets worldwide, including European governments and military. The joint alert was

05 May 2021

Apple Issues Patches for WebKit Security Flaws

Apple has released security updates for vulnerabilities under active attack and affecting multiple products, including iOS, watchOS, and iPadOS. The patches fix WebKit flaws that threat actors can exploit with maliciously crafted web content, ultimately leading to arbitrary code execution, according to Apple. The statement released

15 Apr 2021

CISA Urges Caution for Security Researchers Targeted in Attack Campaign

The Cybersecurity and Infrastructure Security Agency (CISA) has advised cybersecurity researchers to be aware of a recent phishing campaign that targets professionals within the field. The attacks were first disclosed in January and were found to be targeting researchers working on vulnerability research and development within various organizations. The individuals

12 Apr 2021

CISA Releases Tool to Detect Microsoft 365 Compromise

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a new tool that aims to help organizations detect a potential compromise to Microsoft 365 and Microsoft Azure. The tool has been named Aviary and includes a dashboard that facilitates the analysis of output from Sparrow, a

12 Apr 2021

If you haven’t patched this old VPN vulnerability, assume your network is compromised

The National Cyber Security Center (NCSC) has released a critical security alert detailing how cybercriminals are actively exploiting a Fortinet VPN vulnerability to distribute ransomware. Kaspersky reported on the flaw earlier this month, stating that criminals are seeking out unpatched systems and are able to exploit the flaw to remotely

26 Mar 2021

CISA Adds Two Web Shells to Exchange Server Guidance

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) updated its guidance for ongoing Microsoft Exchange Server security issues. The guidance includes two new Malware Analysis Reports. Both reports are included in the “Mitigate Microsoft Exchange Server Vulnerabilities” guidance and identify a web shell in compromised Exchange servers. CISA

04 Mar 2021

CISA Tells Federal Agencies to Immediately Patch or ‘Disconnect’ Microsoft Exchange Servers

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has posted a new emergency directive calling on federal agencies to immediately patch or disconnect Microsoft Exchange servers. The alert follows a recent warning from Microsoft about major zero-day attacks on email servers, according to a recent posting by

28 Jan 2021

CISA Issues Advisory for High-Severity Vulnerabilities in Fuji Electric HMI Products

Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory informing industrial organizations that there is a critical flaw in SCADA/HMI products made by Fuji Electric, a Japanese electrical equipment company. This means that some organizations are facing a security threat due to potentially serious vulnerabilities.

28 Dec 2020

SolarWinds Hackers “Impacting” State and Local Governments

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning regarding the impact of the recent SolarWinds Orion government espionage campaign, likely conducted by Russia. The hack consisted of Russian nation-state hackers compromising the supply chain of SolarWinds’ popular Orion software, effectively installing a backdoor into hundreds of high-profile
