The following advisories/alerts from Novacoast are intended to brief users and administrators on newly discovered threats, vulnerabilities, and critical software updates.
Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.
Weekly Top 10: 10.21.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The…
Weekly Top 10: 10.21.2024: North Korean Threat Actors Target ATMs; BianLian Claims Responsibility for Attack on Children’s Hospital; Hacker Behind the Infamous NPD Breach Arrested by Brazilian Authorities, and More.
Weekly Top 10: 10.21.2024: North Korean Threat Actors Target ATMs; BianLian Claims Responsibility for Attack on…
Weekly Top 10: 10.14.2024: American Water Under Attack Forced to Shut Down Systems; Ukrainian National Pled Guilty to Involvement in Raccoon Stealer; 31 Million Accounts Leaked in Security Breach Against the Internet Archive, and More.
Weekly Top 10: 10.14.2024: American Water Under Attack Forced to Shut Down Systems; Ukrainian National Pled Guilty to…
Weekly Top 10: 10.7.2024: When CUPS Runneth Over: The Threat of DDoS; Perfctl: A Stealthy Malware Targeting Millions of Linux Servers; WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks, and More.
Weekly Top 10: 10.7.2024: When CUPS Runneth Over: The Threat of DDoS; Perfctl: A Stealthy Malware Targeting Millions…
Weekly Top 10: 9.30.2024: Critical Unauthenticated RCE Discovered in Linux; Meta Fined 91 Million Euros for Insecure Password Storage; Windows Vulnerable to Privilege Escalation Attack, and More.
Weekly Top 10: 9.30.2024: Critical Unauthenticated RCE Discovered in Linux; Meta Fined 91 Million Euros for Insecure…
Weekly Top 10: 9.23.2024: Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered; Highway Blobbery: Data Theft using Azure Storage Explorer; Chinese Botnet Infects 260,000 SOHO Routers, IP Cameras with Malware, and More.
Weekly Top 10: 9.23.2024: Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered; Highway…
Weekly Top 10: 9.16.2024: Phishing Pages Delivered Through Refresh HTTP Response Header; Progress LoadMaster Vulnerable to 10/10 Severity RCE Flaw; Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018, and More.
Phishing Pages Delivered Through Refresh HTTP Response Header; Progress LoadMaster Vulnerable to 10/10 Severity RCE…
Weekly Top 10: 9.9.2024: Command Injection Vulnerability Discovered in Zyxel Routers; New Android Trojan Poses as Banking Applications; DrayTek Vulnerability Added to CISA’s KEV List, and More.
Command Injection Vulnerability Discovered in Zyxel Routers; New Android Trojan Poses as Banking Applications;…
Weekly Top 10: 9.2.2024: Trend Micro Discovers Cryptojacking Attacks Targeting Atlassian Confluence Servers; Windows Downgrading Tool Publicly Available; BlackByte Ransomware Attacking VMware ESXi Servers, and More.
Trend Micro Discovers Cryptojacking Attacks Targeting Atlassian Confluence Servers; Windows Downgrading Tool Publicly…
Weekly Top 10: 8.26.2024: Analyzing the Cthulhu Stealer Malware for macOS; PG_MEM: A Malware Hidden in the Postgres Processes; NUMOZYLOD Malware Distributed Through Popular Searches, and More.
Analyzing the Cthulhu Stealer Malware for macOS; PG_MEM: A Malware Hidden in the Postgres Processes; NUMOZYLOD…
Weekly Top 10: 8.19.2024: Net Suite E-Commerce Sites Leak Customer Information; Google Disrupts Iranian-Linked Hacking Campaigns; Russian InfoStealer Malware Campaign Mimics Legitimate Brands, and More.
Net Suite E-Commerce Sites Leak Customer Information; Google Disrupts Iranian-Linked Hacking Campaigns; Russian…
Weekly Top 10: 8.12.2024: Progress WhatsUp critical RCE Vulnerability Actively Exploited; Cisco Critical Vulnerability has Public Exploit Code; North Korea-linked Threat Actor Targets Universities, and More.
Progress WhatsUp critical RCE Vulnerability Actively Exploited; Cisco Critical Vulnerability has Public Exploit Code;…