Security Advisories & Alerts


Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Microsoft has confirmed that two reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019. The first one, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, and the second one, identified as CVE-2022-41082, allows Remote Code Execution (RCE) when PowerShell is accessible to the attacker. From the...

Read more


North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising “numerous” organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday. ZINC—Microsoft’s name for a threat actor group also called...

Read more


Microsoft confirms two Exchange Server zero days are being used in cyberattacks

Microsoft confirms two Exchange Server zero days are being used in cyberattacks

Microsoft confirmed it is investigating two zero days affecting its Exchange Server software late Thursday following a report from Vietnamese cybersecurity firm GTSC that the vulnerabilities are being exploited in the wild. GTSC said it discovered the issues in August while doing security incident monitoring and response, then reported the issue to Microsoft’s Zero...

Read more


Critical Vulnerability in Sophos Firewall

Critical Vulnerability in Sophos Firewall

Sophos warned today that a critical code injection security vulnerability in the company’s Firewall product is being exploited in the wild. “Sophos has observed this vulnerability being used to target a small set of specific organizations, primarily in the South Asia region,” the security software and hardware vendor warned. “We...

Read more


Researchers Uncover a New Metador APT Targeting Telcos, ISPs, and Universities.

Researchers Uncover a New Metador APT Targeting Telcos, ISPs, and Universities.

Executive Summary SentinelLabs researchers uncovered a never-before-seen advanced threat actor we’ve dubbed ‘Metador’. Metador primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures...

Read more


High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

A number of firmware security flaws uncovered in HP’s business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first revealed details of the issues at the Black Hat USA conference in mid-August 2022, said the vulnerabilities “can’t be detected by firmware integrity monitoring systems due...

Read more


Travel Industry Recovering From Covid Turbulence, Grounded By Cyberattacks

Travel Industry Recovering From Covid Turbulence, Grounded By Cyberattacks

Cybercrime Activities At A Glance  Introduction  The Aviation industry is a critical, strategic, and economically important sector for any nation. The pandemic-struck industry has started showing signs of gradual recovery after two years of volatility, however, attaining the pre-COVID global travel figures seems still farfetched until mid-2023. Amidst epidemic chaos,...

Read more


Palo Alto Recognizes Vulnerability Impacting PAN-OS® (CVE-2022-0028)

Palo Alto Recognizes Vulnerability Impacting PAN-OS® (CVE-2022-0028)

Global Critical Infrastructure Potentially Vulnerable To Reflected Amplification-Based Denial-Of-Service (RDoS) Attacks Introduction Over the past few weeks, Cyble Research & Intelligence Labs has observed the active exploitation of a recently discovered vulnerability found in the Palo Alto Networks’ PAN-OS operating system that runs the firewalls and could allows a remote...

Read more


New Android Banking Trojan Zanubis Spotted In The Wild.

New Android Banking Trojan Zanubis Spotted In The Wild.

Cyble Research and Intelligence Labs (CRIL) has been tracking the activities of various Android Banking Trojans such as Hydra, Ermac, and Amextroll, amongst several others. During a routine threat-hunting exercise, we came across a Twitter post where a researcher mentioned a malware sample. After an in-depth analysis, the malware was identified as a new Android...

Read more


Zeppelin Ransomware

Zeppelin Ransomware

Technical Details Note: this advisory uses the MITRE ATT&CK® for Enterprise framework, version 11. See MITRE ATT&CK for Enterprise for all referenced tactics and techniques. Zeppelin ransomware is a derivative of the Delphi-based Vega malware family and functions as a Ransomware as a Service (RaaS). From 2019 through at least June 2022,...

Read more


Page 1 of 6312345...102030...Last »