CISA Adds Three Known Exploited Vulnerabilities to Catalog   | CISA These alerts are for SAP NetWeaver.
Stealth Linux malware – using new methods of evasion
The discovery of Linux backdoor malware is unusual as it uses stealth techniques that have not been seen before. This malware is extremely hard to detect as it does a very efficient job of cleaning the infected systems of any traces of it’s operations. Once infected the malware gives high …
Continue reading “Stealth Linux malware – using new methods of evasion”
The US Cybersecurity and Infrastructure Security Agency adds 36 known exploits to it’s data base
CISA Adds 36 Known Exploited Vulnerabilities to Catalog  | CISA Updates to the Known Exploited Vulnerabilities Catalog include: Owl Labs QNAP Google Cisco Adobe Netgear Microsoft
Active exploit for Follina – the still unpatched flaw in Microsoft Word
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
New in the wild malware – SVCReady
Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady. The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of …
