On Thursday, September 29th, 2022, GTSC–a Vietnam-based cybersecurity company–published a blog detailing intrusion they investigated that chained together two exploits for Microsoft Exchange zero-day vulnerabilities
Key Takeaways: The second quarter of 2022 saw a significant uptick in business email compromise (“BEC”) attacks, accounting for over a third of total cases
On Friday, September 23, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1
The Arctic Wolf Labs team has observed recent cyber breaches at large organizations and identified a similar TTP used across each for initial access in
Key Takeaways Arctic Wolf Labs assesses with medium confidence that the Lorenz ransomware group exploited CVE-2022-29499 to compromise Mitel MiVoice Connect to gain initial access
On Wednesday, August 3, 2022, Cisco disclosed two critical-severity vulnerabilities (CVE-2022-20842 and CVE-2022-20827) impacting RV160, RV260, RV340, and RV345 series small business routers. Both vulnerabilities
On Tuesday, August 2, 2022, VMware disclosed a critical-severity authentication bypass vulnerability (CVE-2022-31656) impacting multiple VMware products, including VMware’s Workspace ONE Access, Identity Manager (vIDM),
On Thursday, July 21, 2022, SonicWall disclosed a critical severity vulnerability – CVE-2022-22280 – impacting their Analytics On-Prem and Global Management System (GMS) products, which
On Wednesday, July 20, 2022, Cisco disclosed a critical severity vulnerability – CVE-2022-20857 – impacting Cisco Nexus Dashboard, an integrated dashboard used for visibility and
On Wednesday, July 20, 2022, Atlassian released patches to remediate two critical vulnerabilities (CVE-2022-26136 and CVE-2022-26137) that impact how Atlassian products implement Servlet Filters and
On Wednesday, June 29, 2022, Horizon3.ai published a proof-of-concept (PoC) exploit that targets CVE-2022-28219, a critical attack chain that includes unauthenticated XML External Entities (XXE),
On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM).
On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The
On Friday, May 27, 2022, Security vendor nao_sec identified a malicious document leveraging a zero-day remote code execution RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support
On Wednesday, May 18, 2022, VMware published an advisory (VMSA-2022-0014) to address multiple vulnerabilities, including CVE-2022-22972, an authentication bypass vulnerability affecting VMware Workspace ONE Access,
