Cybersecurity Starts in the Boardroom
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady. The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of …
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA Chinese threat actors have been detected actively …
Continue reading “Three US Agencies issue an advisory about Chinese threat actors”
This post was first published on 4 June 2022 Following the CISA alert, about vulnerability and active exploits, Atlassian has released new versions of their collaboration software, Confluence Server and Confluence Data Center. Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134 | CISA Update 8 …
The prolific cyber criminal gang is back in the news – if it was ever out. Conti spotted working on exploits for Intel ME flaws • The Register The data extortion gang Karakurt is believed to be associated with the Conti gang. Not ransomware this time that encrypts your data …
