The following advisories/alerts from Novacoast are intended to brief users and administrators on newly discovered threats, vulnerabilities, and critical software updates.
Weekly Top 10: 05.05.2025: Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer: New Stealer on Sale in Underground Forum, and More.
Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service…
Weekly Top 10: 04.21.2025: ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, ‘Mustang Panda’ Employs Four New Attack Tools, and More.
ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, 'Mustang Panda' Employs…
Weekly Top 10: 04.14.2025: Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military Mission Based in Ukraine, and More.
Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm…
Weekly Top 10: 04.07.2025: Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online Using the Stripe API, and More.
Oracle QR Codes on the Rise in Phishing Attempts, Partially Confirms Data Breach, Hackers Skim Credit Cards Online…
Weekly Top 10: 03.31.2025: QWCrypt Ransomware Targets Hyper-V, Weaver Ant In Zyxel Routers, Kubernetes IngressNightmare, and More.
QWCrypt ransomware specifically designed to encrypt data on Hyper-V virtual machines, Weaver Ant threat group…
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode Extensions Found Downloading Early-Stage Ransomware, and More.
Weekly Top 10: 03.24.2025: Semrush Impersonation Scam Hits Google Ads; Detecting and Mitigating Apache Tomcat, VSCode…
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to DoS of BGP Routers, and More.
Weekly Top 10: 03.17.2025: Meta Warns of Vulnerability in FreeType; ObscureBat Loader Cisco Vulnerability Leads to…
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns About Actively Exploited Vulnerabilities Exploited in-the-wild; EncryptHub OPSEC Failures Expose Their Infrastructure, and More.
Weekly Top 10: 03.10.2025: Microsoft Took Down GitHub Repositories Used in Massive Malvertising Campaign; CISA Warns…
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day: Parallels Desktop Repack Root Privilege Escalation; Android Trojan TgToxic Updates Its Capabilities, and More.
Weekly Top 10: 03.03.2025: FBI Confirms Lazarus Hackers Were Behind $1.5B Bybit Crypto Heist; Dropping a 0 day:…
Weekly Top 10: 02.24.2025: Record Cryptocurrency Heist Totals Over 1.6 Billion; New Strain of Android Malware Accrues Over 100K Downloads; New MacOS Malware Strain Spread via Fake Browser Updates, and More.
Weekly Top 10: 2.24.2025: Record Cryptocurrency Heist Totals Over 1.6 Billion; New Strain of Android Malware Accrues…
Weekly Top 10: 02.17.2025: DragonRank Seen Exploiting IIS Servers Across Asia; PostgreSQL Vulnerabilities Used to Breach BeyondTrust; Sarcoma Ransomware Operation Breached Unimicron, and More.
Weekly Top 10: 02.17.2025: DragonRank Seen Exploiting IIS Servers Across Asia; PostgreSQL Vulnerabilities Used to…
Weekly Top 10: 02.10.2025: PyPI Now Supports Project Archival; Critical RCE Bug in Microsoft Outlook; Stealers on the Rise: A Closer Look at a Growing macOS Threat, and More.
Weekly Top 10: 02.10.2025: PyPI Now Supports Project Archival; Critical Rce Bug in Microsoft Outlook Now Exploited in…