Tag: Latest News

HomeArchives

FoggyWeb: SolarWinds Hackers Access Microsoft AD Servers

Background The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. Nobelium, which operates from Russia, is the name given to the threat actor behind...

Continue Reading  

APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity (MI-000148-MW)

The FBI is continuing to warn about Advanced Persistent Threat (APT) actors exploiting Fortinet vulnerabilities. As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a...

Continue Reading  

APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks (AA21-092A)

In March 2021 it was observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities...

Continue Reading  

Ransomware Activity Targeting the Healthcare and Public Health Sector (AA20-302A)

During COVID 19 pandemic, cybersecurity attacks related news have been followed more after COVID news. We have seen cyber criminals have responded to the crisis in different ways. Across the globe, we have seen a sudden rise in ransomware attacks....

Continue Reading  

Microsoft Exchange Servers Still At Risk To Actively Exploited Vulnerabilities!

According to Cybernetic Global Intelligence (CGI) cybersecurity auditors, majority of Microsoft Exchange Servers still need to be updated with a fix for a critical memory corruption vulnerability reported earlier this year. These unpatched servers are extremely vulnerable to attack. Over...

Continue Reading