The following advisories/alerts from Novacoast are intended to brief users and administrators on newly discovered threats, vulnerabilities, and critical software updates.
Microsoft Warns of Two Actively-Exploited Exchange Zero-Days
SEPTEMBER 30, 2022 19:35 GMT This alert from Pillr is intended to brief users and administrators on newly discovered…
Weekly Top Ten Cybersecurity Stories – 9.30.2022
Microsoft Exchange Zero-Day CVE-2022-41040 and CVE-2022-41082, Malicious vSphere Installers, Okta subsidiary…
Weekly Top Ten Cybersecurity Stories – 9.23.2022
GIFShell Exploit for Microsoft Teams, Emotet now distributing Quantum and Blackcat ransomware, Leveraging MFA…
Weekly Top Ten Cybersecurity Stories – 9.9.2022
EvilProxy Phishing-as-a-Service Capable of Bypassing MFA, Cisco patches End-of-Life products, FBI warns of Vice…
Weekly Top Ten Cybersecurity Stories – 9.2.2022
Lockbit DDoS Triple Extortion, LastPass source code breach, Log4Shell continues to be used as initial access vector,…
Weekly Top Ten Cybersecurity Stories – 8.26.2022
Palo Alto reports uptick in Phishing abuse of SaaS platforms, Oktapus phishing campaign hits 130+ companies, Cisco…
CISA Warns of Exploited DDoS Vulnerability Impacting Palo Alto Firewalls
A new vulnerability in Palo Alto's PAN-OS affects firewalls, opening them up to potential amplified and reflected…
Weekly Top Ten Cybersecurity Stories – 8.19.2022
Bumblebee malware loader increase, DarkTortilla crypter not delicious, cryptominer-laced PyPI packages, McAfee…
Weekly Top Ten Cybersecurity Stories – 8.5.2022
Cisco high-severity vulnerabilities, FCC warns of smishing, Defender bypassed by LockBit 3.0, Atlassian Confluence abused
VMWare Patches Severe Vulnerabilities Across Multiple Platforms
Earlier this week, VMWare published a critical security advisory that addresses security vulnerabilities in multiple…
Weekly Top Ten Cybersecurity Stories – 7.29.2022
Messaging apps malware deployment, Phishing-as-as-Service, CosmicStrand firmware rootkit, LockBit targets small town
Weekly Top Ten Cybersecurity Stories – 7.8.2022
Microsoft WebView2 MFA Bypass, AstraLocker Smash 'n Grab, OpenSSL Memory Corruption Vuln, UnRAR Arbitrary Code Execution