Category: alerts
Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.
-
Where Bug Bounty Programs Fall Flat
Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren’t enough . Read more
-
Cyber-Insurance Fuels Ransomware Payment Surge
Companies relying on their cyber-insurance policies to pay off ransomware criminals are being blamed for a recent uptick in ransomware attacks. Read more
-
Vulnerability Summary for the Week of May 24, 2021
Original release date: May 31, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info aioseo — all_in_one_seo The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with “aioseo_tools_settings” privilege (most of the time admin) to execute… Read more
-
HPE Fixes Critical Zero-Day in Server Management Software
The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary. Read more
-
Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign
Original release date: May 28, 2021 CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact—a legitimate email marketing software company—to spoof a U.S. government organization and distribute links… Read more
-
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Original release date: May 28, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are responding to a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software… Read more
-
FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities
Original release date: May 28, 2021 The Federal Bureau of Investigation (FBI) has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat (APT) actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these vulnerabilities to gain initial access to multiple government, commercial, and… Read more
-
Building Multilayered Security for Modern Threats
Justin Jett, director of audit and compliance for Plixer, discusses the elements of a successful advanced security posture. Read more
-
Targeted AnyDesk Ads on Google Served Up Weaponized App
Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads. Read more
-
Microsoft Announces New Campaign from NOBELIUM
Original release date: May 27, 2021 The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. NOBELIUM was initially identified in November 2020, during an intrusion at a major cybersecurity organization. Microsoft security researchers identify NOBELIUM as the actor… Read more