The following advisories/alerts from Novacoast are intended to brief users and administrators on newly discovered threats, vulnerabilities, and critical software updates.
Weekly Top Ten Cybersecurity Stories – 1.20.2023
Poisoned Google search results create convincing phishing websites, 4000+ Sophos firewalls remain unpatched and…
Weekly Top Ten Cybersecurity Stories – 1.13.2023
CISA adds Exchange privilege escalation bug to "known exploited" catalog, Fake AnyDesk websites deploying info…
Weekly Top Ten Cybersecurity Stories – 1.6.2023
Meddler-in-the-Middle phishing attacks bypass MFA, IcedID banking trojan Zoom phishing, Linux malware backdoor in…
Weekly Top Ten Cybersecurity Stories – 12.16.2022
New SQL Injection attack capable of bypassing WAF, SPNEGO vulnerability reclassified "Critical", NSA urges patching…
Critical Citrix ADC and Gateway Zero-Day Actively Exploited
Citrix has announced the release of an update to Citrix ADC and Gateway Appliance which patches CVE-2022-27518, a…
Weekly Top Ten Cybersecurity Stories – 12.9.2022
Supply chain manufacturer servers at risk, CISA calls to patch Chrome, ZeroBot exploiting hardware vulnerabilities,…
Weekly Top Ten Cybersecurity Stories – 12.2.2022
Fortinet bug actively exploited, GoTo discloses breach of development and cloud storage, LastPass reports secondary…
Weekly Top Ten Cybersecurity Stories – 11.18.2022
Windows Kerberos authentication malfunctions after Patch Tuesday, AgentTesla and LockBit 3.0 most prevalent of Q3,…
Weekly Top Ten Cybersecurity Stories – 11.11.2022
Expansive YouTube phishing campaign deploying infostealers, latest Emotet strain delivers IcedID and Bumblebee,…
Weekly Top Ten Cybersecurity Stories – 11.4.2022
SocGholish JavaScript malware framework distributed to hundreds of news websites across U.S., unofficial patch made…
Weekly Top Ten Cybersecurity Stories – 10.28.2022
Windows flaw allows Javascript execution to bypass security features, Massive typosquatting campaign tricks…
Increased Scanning Activity for Recent Exchange SSRF Vulnerabilities
OCTOBER 24, 2022 21:18 GMT Attempts to exploit the chained attack utilizing CVE-2022-41040 and CVE-2022-41082 are…