Category: alerts
Category Added in a WPeMatico Campaign
-
Exchange Servers Targeted by ‘Epsilon Red’ Malware
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Read more
-
Podcast: The State of Ransomware
In this Threatpost podcast, Fortinet’s top researcher sketches out the ransom landscape, with takeaways from the DarkSide attack on Colonial Pipeline. Read more
-
CISA Releases Best Practices for Mapping to MITRE ATT&CK®
Original release date: June 2, 2021 As part of an effort to encourage a common language in threat actor analysis, CISA has released Best Practices for MITRE ATT&CK® Mapping. The guide shows analysts—through instructions and examples—how to map adversary behavior to the MITRE ATT&CK framework. CISA created this guide in partnership with the Homeland Security… Read more
-
Where Bug Bounty Programs Fall Flat
Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren’t enough . Read more
-
Cyber-Insurance Fuels Ransomware Payment Surge
Companies relying on their cyber-insurance policies to pay off ransomware criminals are being blamed for a recent uptick in ransomware attacks. Read more
-
Vulnerability Summary for the Week of May 24, 2021
Original release date: May 31, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info aioseo — all_in_one_seo The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with “aioseo_tools_settings” privilege (most of the time admin) to execute… Read more
-
HPE Fixes Critical Zero-Day in Server Management Software
The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary. Read more
-
Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign
Original release date: May 28, 2021 CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact—a legitimate email marketing software company—to spoof a U.S. government organization and distribute links… Read more
-
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Original release date: May 28, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are responding to a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software… Read more
-
FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities
Original release date: May 28, 2021 The Federal Bureau of Investigation (FBI) has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat (APT) actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these vulnerabilities to gain initial access to multiple government, commercial, and… Read more