Fortinet has privately informed some customers about a critical and remotely exploitable vulnerability that poses a significant risk.
New ‘Maggie’ Backdoor Targeting Microsoft SQL Servers
Security researchers with threat hunting firm DCSO CyTec are warning of a new backdoor that has been targeting Microsoft SQL (MSSQL) servers.
FBI, CISA Say Malicious Cyber Activity Unlikely to Disrupt Election
Iranian Hackers Target Enterprise Android Users With New RatMilad Spyware
Zimperium is warning of an Iranian hacking group using a new piece of Android spyware in a broad campaign that has also targeted enterprise users.
US Government Details Tools Used by APTs in Defense Organization Attack
The NSA, FBI and CISA have issued an alert describing the tools and techniques used by advanced persistent threat (APT) actors in an attack aimed at an unnamed defense industrial base organization in the United States.
Mitigation for ProxyNotShell Exchange Vulnerabilities Easily Bypassed
A mitigation proposed by Microsoft and others for the new Exchange Server zero-day vulnerabilities named ProxyNotShell can be easily bypassed, researchers warn.
The security holes, officially tracked as CVE-2022-41040 and CVE-2022-41082, can allow an attacker to remotely execute arbitrary code with elevated privileges.
Supply Chain Attack Targets Customer Engagement Firm Comm100
CrowdStrike is warning of a recently identified supply chain attack involving Canada-based customer engagement software provider Comm100.
Microsoft Links Exploitation of Exchange Zero-Days to State-Sponsored Hacker Group
Microsoft has been investigating the attacks exploiting the new Exchange Server zero-day vulnerabilities and believes that a single state-sponsored threat group has been using them in highly targeted attacks.
Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
Microsoft has confirmed that it’s aware of two Exchange Server zero-day vulnerabilities that have been exploited in targeted attacks. The tech giant is working on patches.
Chinese Cyberespionage Group ‘Witchetty’ Updates Toolset in Recent Attacks
Chinese cyberespionage group Witchetty has been observed updating its toolset in recent attacks targeting entities in the Middle East and Africa, Symantec reports.
Also referred to as LookingFrog, Witchetty is believed to be part of Cicada, the Chinese advanced persistent threat (APT) actor also known as APT10 and Stone Panda.