Category: Security Alerts

HomeSecurity Alerts

FoggyWeb: SolarWinds Hackers Access Microsoft AD Servers

Background The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. Nobelium, which operates from Russia, is the name given to the threat actor behind...

Continue Reading  

Vulnerability Summary Reports by Cybernetic GI – Sept 2021

Cybernetic GI Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) /...

Continue Reading  

CWE Top 25 Most Dangerous Software Weaknesses, 2021

Cybernetic GI Security Bulletin provides a summary of CWE Top 25 Most Dangerous Software Weaknesses in 2021. Entries may include additional information provided by organizations. This data may include identifying information, values, definitions, and related links. The patch information is...

Continue Reading  

Kaseya Ransomware Attack – 1

In 2019, Cybernetic Global Intelligence had warned about REvil. Refer to our previous blog on GandCrab ransomware: Is it back under a new REvil guise? The fourth of July celebrations in America this year were slightly different for around 1500 organizations...

Continue Reading  

APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity (MI-000148-MW)

The FBI is continuing to warn about Advanced Persistent Threat (APT) actors exploiting Fortinet vulnerabilities. As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a...

Continue Reading  

APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks (AA21-092A)

In March 2021 it was observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities...

Continue Reading  

Vulnerability Summary Reports by Cybernetic GI – February 2021

Cybernetic GI Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) /...

Continue Reading  

Australian organizations are continually failing to fend off ‘inevitable’ and costly cyber-attacks!

Australian organizations are continually failing to fend off ‘inevitable’ and costly cyber-attacks! Watchdog rips into NZX for repeated tech fails & OAIC finds 'multiple' Australian companies downplaying data breaches. A recent study has reported that Australian businesses and organizations are...

Continue Reading  

NZ Central Bank’s Data System Got Hacked

New Zealand's central bank reports that an anonymous hacker who has potentially accessed commercially and personally confidential information has compromised one of its data systems. According to a statement, from a Wellington-based bank, a third-party file-sharing service used by the...

Continue Reading  

Rising Cybercrime Groups: Why Hiring Cybersecurity Consultants Is vital than software detection against cybercrime attacks?

The threat of cybercrime against organizations is snowballing each passing day. According to one McAfee estimate, cybercrime-related damage now stands at over $400 billion, up from $250 billion two years earlier, with business-related costs running in the billions, too. Organizations...

Continue Reading