Regarding malware, breaches, and the overall threat landscape, 2023 is off to a dynamic start. Malvertising (malicious advertising) continues to be a successful attack vector for hackers, especially from sponsored ads via Google searches. Jon DiMaggio released his long-awaited Ransomware Diary series beginning with the first iteration of the LockBit ransomware group. Also, a … [Read more...]
When Trying to Catch ‘Em All, Leave This RAT Alone
Recently, researchers have observed threat actors using a website previously associated with the popular AR game, PokemonGo to distribute a remote access trojan (RAT). The method of delivery is a cleverly disguised game installer that includes a copy of the commonly used NetSupport Manager application, which on its own is technically a trusted application. The surreptitious use … [Read more...]
Critical RCE Vulnerability in Log4J2
[Updated 13-12-2021: Additional information for WatchGuard customers] On Thursday, security researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely used logging library for java applications. CVE-2021-44228 is a full 10.0 on the CVSS vulnerability scoring system due to a combination of how trivial the exploit … [Read more...]
Exchange Server Vulnerabilities Actively Exploited in the Wild
(Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another widespread campaign targeting Exchange servers. It has been found that a state-sponsored threat actor operating out of China, which they are … [Read more...]
SolarWinds Supply Chain Hack Responsible for FireEye Breach
Last week, the cybersecurity consulting company FireEye announced they had suffered a breach where attackers stole sensitive “red team” hacking tools and potentially information related to certain government customers. FireEye has historically been one of if not the most prominent consultants brought in to investigate attacks against large organizations and government entities. … [Read more...]