
Threat Intelligence Reports

Excerpts from Check Point Research among other places.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Ransomware gang Lapsus$, which took responsibility for last week’s breach of the giant chip firm NVIDIA, claims it has now managed to breach the Korean manufacturer Samsung, and published 190GB of sensitive data online.
    • Included in the NVIDIA leak by the Lapsus$ ransomware gang were 2 stolen code signing certificates used to sign their drivers and executables. Attackers have already started using these certificates to sign malware, hoping to evade security solutions.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • CISA has warned of 2 vulnerabilities in Zabbix IT monitoring tool that are actively exploited in the wild.
    • Cisco has addressed four security vulnerabilities in new updates: CVE-2022-20650, a command injection flaw in the NX-API feature of Cisco NX-OS Software, CVE-2022-20623 & CVE-2022-20624, two DoS flaws in NX-OS, and CVE-2022-20625, another DoS vulnerability in the Cisco Discovery Protocol.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Cisco has released patches for several flaws in Cisco Small Business RV series routers (RV160, RV260, RV340 and RV345), including CVE-2022-20699, a critical vulnerability which could allow remote execution of arbitrary code by unauthenticated attackers.
    • APT35 group has upgraded its toolkit and is now leveraging a new PowerShell-based implant named “PowerLess Backdoor”. The code runs in a .NET application and won’t launch powershell.exe, allowing evasion from security defenses.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • An unauthenticated stack-based buffer overflow flaw (CVE-2021-20038) has been found in SonicWall Secure Mobile Access Gateways & is being actively exploited.
    • New macOS cyberespionage malware dubbed “DazzleSpy” is being leveraged in watering-hole attacks.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Educational platform provider FinalSite has been hit by a ransomware attack that disrupted thousands of schools receiving their services across 115 different countries.
    • FIN7 hackers have been sending malicious USB devices through the US postal services, targeting critical infrastructure. 

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • AvosLocker operators provide a free decryptor after realizing they hit a US police department.  #HackerWithAHeart or Fear of Prosecution? 🙂 
    • Apache Releases version 2.17.1 to address Log4J issue (CVE-2021-44832) (lower severity than the original Log4Shell) 

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • The patch for CVE-2021-41379 can be bypassed, enabling elevation of privileges in Windows 10 and 11 and Windows Server (a patch for the patch to fix the vulnerability.... 🙂 )
    • The FBI is warning of a surge in spear-phishing email campaigns targeting customers of "brand-name companies", delivered in both emails and SMS messages.

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Cisco releases updates to patch critical vulnerabilities in their products, allowing attackers to log in using hard-coded credentials or default SSH keys
    • A serious heap-overflow flaw found in a Linux kernel module could allow RCE, leading to a full system compromise (CVE-2021-43267)
    • CISA orders US Federal agencies to patch 276 significant vulnerabilities

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Lazarus (AKA Hidden Cobra) has conducted a supply-chain campaign against IT companies and think tanks.
    • A Privilege Escalation Vulnerability has been found, affecting all versions of MS Windows (CVE-2021-34484)

Aaron_Rose
Employee

This is the Your Check Point weekly newsletter.

  • Upcoming Events & Announcements
  • Training Resources
  • Weekly Threat Intelligence (credit: Check Point Threat Research Teams)
    • Atom Silo, a new ransomware operator, is targeting a recently patched and actively exploited Atlassian Confluence Server & Data Center vulnerability (CVE-2021-26084)
    • Google has issued October’s Android security updates, fixing 41 high to critical severity flaws
