threat research – Page 17 – PossibleThreat Articles

Confluence exploits used to drop ransomware on vulnerable servers

June 16, 2022 0 Comments atlassian, cerber, confluence, cryptoguard, cve-2022-26134, featured, Intercept X, PowerShell, Ransomware, security operations, sophos managed threat response (mtr), SophosLabs Uncut, threat research, tomcat, webshell

Credit to Author: Andrew Brandt| Date: Thu, 16 Jun 2022 11:00:03 +0000

Automated attacks are now widely exploiting the Atlassian vulnerability

Security Sophos

Sophos uncovers how APT groups carried out highly targeted attack

June 15, 2022 0 Comments #elf, APT, products & services, SophosLabs Uncut, targeted attacks, threat research

Credit to Author: Andrew Brandt| Date: Wed, 15 Jun 2022 21:16:52 +0000

Two groups with common task targeted network security devices in two-stage attacks, dropping remote access tools.

Security Sophos

Telerik UI exploitation leads to cryptominer, Cobalt Strike infections

June 15, 2022 0 Comments cobalt strike, Cryptomining, cve-2017-11357, cve-2017-1137, cve-2019-18935, PowerShell, security operations, SophosLabs Uncut, telerik, threat research, xmrig

Credit to Author: Matt Wixey| Date: Wed, 15 Jun 2022 11:00:05 +0000

Attacker targets bugs in a popular web application graphical interface development tool

Security Sophos

Lighter Patch Tuesday for June remains rich in LDAP vulns

June 14, 2022 0 Comments 2022-06, Patch Tuesday, SophosLabs Uncut, threat research

Credit to Author: Angela Gunn| Date: Tue, 14 Jun 2022 18:24:12 +0000

The second-lightest set of updates so far in 2022 goes heavy on RCEs, brings along four Intel patches for company

Security Sophos

‘Follina’ Word doc taps previously unknown Microsoft Office vulnerability

June 8, 2022 0 Comments cve-2022-30190, featured, follina, Microsoft Office, ms-msdt, msdt, msdt.exe, SophosLabs Uncut, threat research, vulnerability, zero day

Credit to Author: Andrew Brandt| Date: Tue, 31 May 2022 00:41:42 +0000

MSDT.exe misuse in May makes for Memorial Day Monday mayhem

Security Sophos

Move fast, unbreak things: About the Sophos Active Adversary Playbook 2022

June 7, 2022 0 Comments active adversary playbook, security operations, SophosLabs Uncut, threat research

Credit to Author: Angela Gunn| Date: Tue, 07 Jun 2022 11:16:50 +0000

Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else

Security Sophos

Analyzing CVE-2022-0778: When Square Root Results in a Denial of Service

June 1, 2022 0 Comments Cryptography, DOS, OpenSSL, sophos secops, SophosLabs Uncut, threat research

Credit to Author: hardikshah| Date: Wed, 01 Jun 2022 14:31:06 +0000

How could a humble SSL certificate entirely gridlock a system? Walk with us through the math

Security Sophos

Malicious Word doc taps previously unknown Microsoft Office vulnerability

May 30, 2022 0 Comments featured, follina, Microsoft Office, ms-msdt, msdt, msdt.exe, SophosLabs Uncut, threat research, vulnerability, zero day

Credit to Author: Andrew Brandt| Date: Tue, 31 May 2022 00:41:42 +0000

MSDT.exe misuse in May makes for Memorial Day Monday mayhem

Security Sophos

Liquidity mining scams add another layer to cryptocurrency crime

May 17, 2022 0 Comments cryptocurrency, featured, liquidity mining, scams, SophosLabs Uncut, threat research

Credit to Author: gallagherseanm| Date: Tue, 17 May 2022 11:52:33 +0000

Organized rings use fake apps, malicious smart contracts, and lure of big returns to swindle victims out of their savings.

Security Sophos

Hyper-V and Active Directory Front and Center for May Patch Tuesday

May 10, 2022 0 Comments Hyper-V, Microsoft, Patch Tuesday, SophosLabs Uncut, threat research, Windows

Credit to Author: Christopher Budd| Date: Tue, 10 May 2022 17:47:43 +0000

Organizations should look at last month’s and this month’s bulletins and put their Hyper-V and Active Directory servers and infrastructure at the top of the priority list.