You might be interested in …

[NCSC-FI News] New ‘post-exploitation’ threat deployed on Microsoft Exchange servers is spotted by researchers

Recently discovered malware that helps attackers capture, move and delete data is aimed at organizations’ Microsoft Exchange servers and has the capability to expand into other web applications, researchers at CrowdStrike reported Wednesday. The threat, dubbed IceApple, is used for “post-exploitation” tasks, the researchers said, meaning that “it does not provide access, rather it is […]

Read More

[SANS ISC] Downloader Disguised as Excel Add-In (XLL), (Fri, Nov 19th)

All posts, Sans-ISC

At the Internet Storm Center, we like to show how exotic extensions can be used to make victims feel confident to open malicious files. There is  an interesting webpage that maintains a list of dangerous extensions used by attackers: filesec.io[1]. The list is regularly updated and here is an example of malicious file that is currently […]

Read More

[SecurityWeek] SonicWall Patches Critical Vulnerability in Firewall Appliances

All posts, Security Week

SonicWall has released patches for a critical-severity vulnerability in the web management interface of multiple firewall appliances. Tracked as CVE-2022-22274 (CVSS score of 9.4), the security flaw is described as a stack-based buffer overflow bug that impacts SonicOS. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.