Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam

By Deeba Ahmed
The attacks started in July 2021 in which threat actors exploited Microsoft MSHTML vulnerability to target overseas Iranians.
This is a post from HackRead.com Read the original post: Microsoft MSHTML flaw exploited in Gmail and Instagram… Continue reading Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam

How likely are mid-market organizations to experience a breach by the end of 2021?

Coro released an extensive cybersecurity research report revealing a true market failure: a severe lack of preparedness of the mid-market sector, which is comprised of companies with between 100 and 1,500 employees, to defend against an expanding array… Continue reading How likely are mid-market organizations to experience a breach by the end of 2021?

At least 3 Quad-Cities municipalities have fallen victim to cyber attacks

Sarah Watson reports: … In the Quad-Cities, at least three local governments paid out more than $100,000 to scammers. In all three cases, the criminals emailed local government officials pretending to be legitimate vendors the cities worked with…. Continue reading At least 3 Quad-Cities municipalities have fallen victim to cyber attacks

PoC Exploit Published for Latest Microsoft Exchange Zero-Day

A security researcher has released proof-of-concept (PoC) exploit code for a recently patched code execution vulnerability affecting on-prem Microsoft Exchange Server installations.
read more

Continue reading PoC Exploit Published for Latest Microsoft Exchange Zero-Day

Threats to ICS and industrial enterprises in 2022

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. Continue reading Threats to ICS and industrial enterprises in 2022

Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications

Security researchers at Claroty have raised the alarm for a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN.
read more

Continue reading Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications

U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have shared new details on in-the-wild attacks targeting a recently patched flaw in Zoho’s ManageEn… Continue reading U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation