Alerts

Cuba is a ransomware family that appends the .cuba file extension to encrypted files. When executed this malware terminates services associated with common server applications and encrypts files on the local filesystem and attached network drives using an embedded RSA key. Cuba ransomware operation has increased its activity recently and started to target financial organizations […]

Cisco has released security updates to address several vulnerabilities in multiple Cisco products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The released updates to fix multiple vulnerabilities affecting Cisco devices if they are running a vulnerable release of Cisco SD-WAN vManage Software, Cisco Catalyst 8000V Edge

Fortinet has released security updates to fix several vulnerabilities across multiple products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system and cause a denial of service attacks. Sample of the addressed vulnerabilities: FortiAP & FortiAP-S & FortiAP-W2 & FortiAP-U – Command injection in CLI (CVE-2022-29058): CVSS: 7.8

Google has released an updated Chrome version (105.0.5195.102) for Windows, Mac, and Linux to fix one vulnerability. The remote attacker could exploit this vulnerability to take control of the affected system and bypass security. Google released an emergency update for the company’s Chrome web browser. The update addresses a security issue in the browser that

Agenda is a new Golang-based ransomware detected in the wild targeting entities and enterprises in Asia, Africa, and the Middle East. Security researchers spotted this ransomware to be customized per victim. Security researchers have spotted a new ransomware dupped “Agenda” that was customized for each victim, and it was written in the Go programming language,

Google has released an updated Chrome version (105.0.5195.52/53/54) for Windows and (105.0.5195.52) for (Mac/Linux) to fix several vulnerabilities. The remote attacker could exploit these vulnerabilities to take control of the affected system and bypass security. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code or cause a denial of

Broadcom Symantec has released security updates to address a new vulnerability. The remote attacker could exploit this vulnerability to take control of the affected system and gain elevated privileges. The addressed vulnerability could allow the attacker to gain access to affected PAMconfiguration endpoints with reading and writing permissions when multi-factor authentication (MFA) is enabled. Privileged

Cisco has released security updates to address several vulnerabilities in multiple Cisco products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. The released updates to fix multiple vulnerabilities affecting Cisco FXOS Software, Cisco NX-OS Software and Cisco ACI Multi-Site Orchestrator (MSO). The addressed vulnerabilities could allow the

Mozilla has released security updates to fix vulnerabilities in Firefox , Firefox ESR and Thunderbird. The remote attacker could exploit these vulnerabilities to gain access, escalate privileges, and bypass security controls. Sample of The Addressed Vulnerabilities: Mozilla Firefox security bypass (CVE-2022-38473): CVSS: 8.8 Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required

Apple has released security updates to address multiple vulnerabilities in the updated version of macOS Monterey 12.5.1. The remote attacker could exploit these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the attackers to perform several attacks like elevating privileges, and executing arbitrary code on the affected

Google has released an updated Chrome version (104.0.5112.101) for Windows, Mac and Linux to fix several vulnerabilities, including a zero-day flaw that is being exploited in the wild. The remote attacker could exploit these vulnerabilities to takecontrol of the affected system. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code on

Yanluowang is a targeted Ransomware for multiple critical infrastructure sectors, including the hardware, information technology, software, and high-tech sectors. Yanluowang was first discovered in mid-October 2021. Yanluowang group uses to publish the data stolen from ransomware victims. Yanluowang is ransomware that encrypts (and renames) files, ends all running processes, stops services, and creates the “README.txt”

SAP has released security updates to address several vulnerabilities affecting multiple products. SAP also announced (2) updates to the previously released patch day security note. This month’s patch fixes several vulnerabilities affecting multiple SAP products such as SAP BusinessObjects Business Intelligence (Open Document, Monitoring DB, Commentary DB), SAP Enable Now Manager, SAP NetWeaver, and SAP

EG-FinCIRT has detected a massive phishing campaign focused on collecting credentials of financial institutions’ employees. The detected phishing campaign targets the organizations’ employees by sending a phishing email from a newly created domain to ensure they have clean records to alert the targeted users about “E-mail Storage Full” and persuade them to enter their username

Tenable Nessus has released an updated version (Nessus 8.15.6) to fix multiple vulnerabilities. The remote attacker could exploit these vulnerabilities to execute commands with administrator privileges and read arbitrary files without providing any valid SSH credentials. The most severe of the addressed vulnerability could allow the remote attacker to trick the victim to open a

Palo Alto has released security updates to address a vulnerability in Palo Alto Networks PAN-OS. The remote attacker could exploit this vulnerability to take control of the affected system. Palo Alto Networks PAN-OS is vulnerable to a denial of service, caused by a misconfiguration flaw in the URL filtering policy. The remote attacker could exploit

Zoho has addressed a new vulnerability that leads to remote code execution on multiple affected products. Multiple Zoho ManageEngine products could allow the remote authenticated attacker to execute arbitrary code on the system. The attacker could exploit this vulnerability to execute arbitrary code on the system by sending a specially-crafted request to carry out changes