The Information Highway

The Information Highway

Phishing campaign spreading Remcos RAT malware

Threat-Advisory-Banner3

Threat update

A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read below to learn how this could impact your organization.

Continue reading
  90 Hits

Palo Alto PAN-OS RCE vulnerability

Threat-Advisory-Banner3

Threat update

A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE).

Continue reading
  92 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content.

Continue reading
  92 Hits

CRON#TRAP phishing campaign

Threat-Advisory-Banner3

Threat update

A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign. 

Continue reading
  93 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security measures to implement to protect your organization.

Continue reading
  71 Hits

Critical Ivanti CSA flaw actively exploited

Threat-Advisory-Banner3

Threat update

Three Ivanti Cloud Service Appliance (CSA) vulnerabilities are being exploited and weaponized in the wild. Read this Cybersecurity Threat Advisory to learn how you can mitigate your risk of being targeted.

Continue reading
  159 Hits

Mozilla Firefox zero-day vulnerability

Threat-Advisory-Banner3

Threat update

A Mozilla Firefox critical zero-day vulnerability, CVE-2024-9680, has emerged. This vulnerability allows an attacker to have unauthorized access and potential remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat.

Continue reading
  133 Hits

Apache Avro SDK vulnerability

Threat-Advisory-Banner3

Threat update

A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate your risk.

Continue reading
  147 Hits

Exploited cryptojacking campaign impacting Docker

Threat-Advisory-Banner3

Threat update

 A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk from these vulnerabilities.

Continue reading
  146 Hits

Critical RCE vulnerability in ZCS

Threat-Advisory-Banner3

Threat update

There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra's SMTP PostJournal service. 

Continue reading
  179 Hits

Veeam Backup security flaws

Threat-Advisory-Banner3

Threat update

There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass, credential sniffing, and privilege escalation. Review the details in this Cybersecurity Threat Advisory to limit customers' impact.

Continue reading
  241 Hits

Critical SonicOS Vulnerability

Threat-Advisory-Banner3

Threat update

A critical vulnerability has been identified in the SonicWall SonicOS management access. 

Continue reading
  238 Hits

VMware ESXi flaw exploited by ransomware group

Threat-Advisory-Banner3

Threat update

A VMware ESXi vulnerability, known as CVE-2024-37085, has been discovered and it is actively exploited by several ransomware groups. Review this Cybersecurity Threat Advisory to learn how to limit the impact of this flaw. 

Continue reading
  353 Hits

Atlassian Confluence RCE vulnerability

Threat-Advisory-Banner3

Threat update

A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian's Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat Advisory for more information and to limit your risk now.

Continue reading
  363 Hits

Active exploitation of Microsoft vulnerabilities

Threat-Advisory-Banner3

Threat update

 This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. LBT Technology Group recommends taking immediate action to mitigate this significant security risk.

Continue reading
  402 Hits

New Microsoft Outlook client vulnerability

Threat-Advisory-Banner3

Threat update

A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. 

Continue reading
  540 Hits

Critical VBEM vulnerability

Threat-Advisory-Banner3

Threat update

 A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately.

Continue reading
  418 Hits

Oracle WebLogic Server vulnerability

Threat-Advisory-Banner3

Threat update

There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage.

Continue reading
  429 Hits

Critical vulnerability discovered in FortiSIEM

Threat-Advisory-Banner3

Threat update

A new critical command injection vulnerability, CVE-2024-23108, was found in Fortinet's FortiSIEM solution. This vulnerability poses significant risks to organizations using the solution. 

Continue reading
  441 Hits

Critical flaws discovered in Cacti framework

Threat-Advisory-Banner3

Threat update

This Cybersecurity Threat Advisory breaks down multiple critical vulnerabilities in the Cacti framework, an open-source network monitoring and fault management tool. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code and compromise network infrastructure.

Continue reading
  497 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023