Cybersecurity Attacks

Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) warns cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems.

Tags: , , , , , , , , ,

H0lyGh0st ransomware actors target small and midsize businesses

Security researchers from Microsoft warn threat actors from North Korea are using H0lyGh0st ransomware to target small and midsize businesses around the globe.

Tags: , , , , , , , , , , , , , , , , , , ,

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks

Threat actors are using a multi-stage malware dubbed ZuoRAT to exploit small office/home office (SOHO) routers and launch sophisticated attacks against North American and European networks.

Tags: , , , , , , , , , , , , ,

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

Tags: , , , , , , , , , ,

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Support Diagnostic Tool (MSDT) vulnerability CVE-2022-30190 (aka “Follina”) to its Known Exploited Vulnerabilities Catalog.

Tags: , , , , , , ,