Category: Weekly

  • News Week Ending June 26, 2022

    Borat Malwareby Artie Kaye Fans of the Borat movies may be surprised to discover that his name has been co-opted by a malware group.  This remote access trojan, or RAT, is a suite of malware programs that includes ransomware, spyware, and functions to turn infected machines into DDoS vectors, among many other possible functions.  Trojans…

  • News Week Ending June 19, 2022

    Follina Patchby Artie Kaye Microsoft has released a patch for Follina, which is actively being used to attack users.  Follina is an exploit that exists in Office.  If a user downloads a compromised file and opens it using Office, there is a script hidden in the document that will run and give the attacker access…

  • News Week Ending June 12, 2022

    How Lapsus$ Gains Accessby Artie Kaye Even with the arrests made in the UK, Lapsus$ compromised the databases at Globant.  The current understanding of how the group gains access to companies is through their technological supply chain.  If a large company is doing business with a smaller one, Lapsus$ targets the smaller one to attempt…

  • News Week Ending June 5, 2022

    Sophos Firewall Patchby Artie Kaye A high threat vulnerability has been found in Sophos Firewall.  Sophos has identified the problem and has released a patch.  If you’re running Sophos Firewall version 18.5.3 or older, patch this as soon as you can.  It is actively being sought after and exploited by malicious entities.   The flaw is…

  • News Week Ending May 29, 2022

    Spring4Shell Botnet Flawby Artie Kaye The Spring4Shell Java exploit is currently being used to help propagate the Mirai botnet.  Mirai targets Linux-based network devices to infect, adding them to the botnet.  These bots can be deployed to obfuscate where an attack originated from by channeling the commands through an infected device.  Spring4Shell currently affects Spring…