Resources

Filter By:
Threat Report
New Exchange Exploits Exploited in the Wild
News came out this week regarding a new method of exploiting Exchange that will bypass Microsoft’s recommended mitigations for ProxyNotShell.
security general icon
Cybersecurity
Threat Report
Patch Tuesday – December 2022
Latest security patches from Microsoft for December 2022
security general icon
Cybersecurity
Threat Report
Patch Tuesday – November 2022
Latest security patches from Microsoft for November 2022
security general icon
Cybersecurity
Threat Report
security general icon
Cybersecurity
Threat Report
ProxyNotShell: New Exchange 0-day Vulnerabilities
Security Researchers have discovered a new Microsoft Exchange vulnerability actively being exploited but not yet patched by Microsoft.
security general icon
Cybersecurity
Threat Report
Microsoft Teams Local Information Disclosure in Windows, Linux, and macOS
Security researchers have disclosed that the Microsoft Teams desktop application stores access tokens in clear-text.
security general icon
Cybersecurity
Threat Report
Patch Tuesday – September 2022
Today, September 13, is Patch Tuesday. Patch Tuesday is the second Tuesday of each month when Microsoft and other vendors, such as Adobe, release security updates to their products to patch discovered vulnerabilities. This month there was patches released for 64 new vulnerabilities with five rated with a severity of Critical, 57 Important, and two Moderate.
security general icon
Cybersecurity
Threat Report
Chrome Extension Banking Trojan Targeting Mexico
On August 20, 2022, the CRU observed a banking trojan delivered via a .zip file with a JavaScript payload. This script then downloaded several files that created persistence on the machine in the form of shortcuts that attempt to open the Google Chrome browser loaded with a planted extension. The goal of this malware was to steal banking credentials, specifically targeting banking logon pages from Mexico, and track victim browsing activity.
security general icon
Cybersecurity