News/Intelligence/IOCs Stories New Meta information stealer distributed in malspam campaign – LINK EU officials were targeted with Israeli surveillance software – LINK FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin – LINK Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene – LINK Clueless hackers spent months inside a network and nobody noticed. […]
Information from Wednesday afternoon to Thursday morning. News/Intelligence/IOCs Stories CISA Adds Three Known Exploited Vulnerabilities to Catalog – LINK Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year, Finds “2022 Cyberthreat Defense Report” – LINK WatchGuard waited 11 months to explicitly disclose critical flaw exploited by Sandworm – LINK New FFDroider malware steals Facebook, Instagram, […]
Information from Monday afternoon to Tuesday morning. News/Intelligence/IOCs Stories CISA Adds Four Known Exploited Vulnerabilities to Catalog – LINK Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks – LINK Cyclops Blink Malware Targeting WatchGuard Firewalls – LINK Lapsus$ Threat Actor Demonstrates Access to Backend Okta Tooling – LINK Ransomware Will Grind You […]
CVE ID Vulnerability Name Due Date CVE-2020-5135 SonicWall SonicOS Buffer Overflow Vulnerability 4/5/2022 CVE-2019-1405 Microsoft Windows UPnP Service Privilege Escalation Vulnerability 4/5/2022 CVE-2019-1322 Microsoft Windows Privilege Escalation Vulnerability 4/5/2022 CVE-2019-1315 Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability 4/5/2022 CVE-2019-1253 Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability 4/5/2022 CVE-2019-1129 Microsoft Windows AppXSVC Privilege Escalation […]
CISA has added 95 new known exploited vulnerabilities. – Take a look HERE for the downloadable CSV version of all the vulnerabilities on that catalog.
LINK CVE ID Vulnerability Name Due Date CVE-2022-23131 Zabbix Frontend Authentication Bypass Vulnerability 3/8/2022 CVE-2022-23134 Zabbix Frontend Improper Access Control Vulnerability 3/8/2022
LINK CISA has added more vulnerabilities that need to be resolved for organizations. If you are looking for a complete list of all these Vulnerabilities, here is a CSV of the list.
CISA has added another 15 known vulnerabilities to their most exploited list of vulnerabilities. HERE is a link of ALL the vulnerabilities in a CSV.
LINK to the CSV file CVE Number CVE Title Remediation Due Date CVE-2021-43890 Microsoft Windows AppX Installer Spoofing Vulnerability 12/29/2021 CVE-2021-4102 Google Chromium V8 Engine Use-After-Free Vulnerability 12/29/2021