The Information Highway

The Information Highway

VMware ESXi flaw exploited by ransomware group

Threat-Advisory-Banner3

Threat update

A VMware ESXi vulnerability, known as CVE-2024-37085, has been discovered and it is actively exploited by several ransomware groups. Review this Cybersecurity Threat Advisory to learn how to limit the impact of this flaw. 

Continue reading
  330 Hits

SaaS Backup & Archive (SBA) Automatically protect and recover business-critical data.

SaaS

Works with Microsoft 365, Google Workspace, and IMAP/POP3 servers

Continue reading
  409 Hits

Atlassian Confluence RCE vulnerability

Threat-Advisory-Banner3

Threat update

A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian's Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat Advisory for more information and to limit your risk now.

Continue reading
  344 Hits

Active exploitation of Microsoft vulnerabilities

Threat-Advisory-Banner3

Threat update

 This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. LBT Technology Group recommends taking immediate action to mitigate this significant security risk.

Continue reading
  387 Hits

Critical ASUS vulnerability

Threat-Advisory-Banner3

Threat update

 ASUS released a product security advisory urging customers to update their firmware to address a critical authentication bypass vulnerability impacting multiple of its router models. Review this Cybersecurity Threat Advisory to learn which router models are impacted and how to mitigate your risks.

Continue reading
  384 Hits

VMware privilege escalation vulnerabilities

Threat-Advisory-Banner3

Threat update

VMware has released patches to address critical vulnerabilities impacting Cloud Foundation, vCenter Server, and vSphere ESXi, which could be exploited to achieve privilege escalation and remote code execution. The flaws, identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have high CVSS scores 

Continue reading
  421 Hits

New Microsoft Outlook client vulnerability

Threat-Advisory-Banner3

Threat update

A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. 

Continue reading
  527 Hits

New typosquatting attack targeting Google users

Threat-Advisory-Banner3

Threat update

Google users have been targeted with a typosquatted attack when searching Advanced IP Scanner. When searching for this free network scanner for Windows, users are served with an exploited version of Advanced IP Scanner that injects a CobaltStrike Beacon into the parent process's address space. 

Continue reading
  399 Hits

Critical VBEM vulnerability

Threat-Advisory-Banner3

Threat update

 A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately.

Continue reading
  402 Hits

Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

Threat-Advisory-Banner3

Threat update

ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack. 

Continue reading
  376 Hits

Oracle WebLogic Server vulnerability

Threat-Advisory-Banner3

Threat update

There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage.

Continue reading
  408 Hits

RedTail exploits PAN-OS vulnerability

Threat-Advisory-Banner3

Threat update

Palo Alto Networks has recently disclosed a critical zero-day vulnerability, CVE-2024-3400, within its PAN-OS operating system. The flaw, found in the GlobalProtect Gateway, is currently under active exploitation. Additionally, the threat actors behind RedTail cryptocurrency mining malware have added this vulnerability to its exploit arsenal, further intensifying the threat. 

Continue reading
  378 Hits

Critical vulnerability discovered in FortiSIEM

Threat-Advisory-Banner3

Threat update

A new critical command injection vulnerability, CVE-2024-23108, was found in Fortinet's FortiSIEM solution. This vulnerability poses significant risks to organizations using the solution. 

Continue reading
  425 Hits

Critical flaws discovered in Cacti framework

Threat-Advisory-Banner3

Threat update

This Cybersecurity Threat Advisory breaks down multiple critical vulnerabilities in the Cacti framework, an open-source network monitoring and fault management tool. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code and compromise network infrastructure.

Continue reading
  480 Hits

Critical GitLab bug

Threat-Advisory-Banne2r

Threat update

 A critical vulnerability in GitLab, labeled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA).

Continue reading
  474 Hits

RCE vulnerabilities in HPE Aruba Networking devices

Threat-Advisory-Banne2r

Threat update

HPE Aruba Networking has disclosed that critical remote code execution (RCE) vulnerabilities are impacting multiple versions of ArubaOS. Out of the ten vulnerabilities found, four pose critical risks of unauthenticated buffer overflows in various services.

Continue reading
  418 Hits

R Programming Vulnerability

Threat-Advisory-Banne2r

Threat update

A critical security flaw known as CVE-2024-27322 with a CVSS score of 8.8, has been discovered within the R programming language. Attackers can craft malicious RDS files or R packages that embed arbitrary R code. 

Continue reading
  467 Hits

Killware: The emerging cyberthreat

2024-04-27-14_21_01-Killware_-The-emerging-cyberthreat-and-5-more-pages---InPrivate---Microsoft-E

 Given the surge of incidents within the past decade, many people are becoming familiar with ransomware and data breaches. However, a new type of cyberattack known as killware has emerged in recent years. It's now a major security issue for organizations. But what does the term "killware" actually mean? Let's take a look:

Continue reading
  428 Hits

Active exploit of Atlassian Confluence

Threat-Advisory-Banne2r

Threat update

This Cybersecurity Threat Advisory details the exploitation of the critical vulnerability CVE-2023-22518 in the Atlassian Confluence Data Center and Server. Attackers are deploying a Linux variant of Cerber (aka C3RB3R) ransomware. This allows unauthenticated attackers to reset Confluence and create administrator accounts, granting them complete control over affected systems.

Continue reading
  578 Hits

LayerSlider SQL injection vulnerability

Threat-Advisory-Banne2r

Threat update

An unauthenticated Structured Query Language (SQL) injection vulnerability, known as CVE-2024-2879, has been found in the WordPress plugin LayerSlider.

Continue reading
  537 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023