The GTIA ISAO is dedicated to providing critical threat intelligence to technology vendors, MSPs, solution providers, distributors, and their customers.
๐ฃ Join us TODAY as MJ Shoer, CompTIA, and Patrick Beggs, ConnectWise, delve into the recent ScreenConnect vulnerability and provide valuable insights on how to enhance #cybersecurity hygiene to safeguard against attacks ๐ ๐
๐ https://t.co/VxnVFDdHZg
#CompTIACommunity
Nominations for the 2023 Spotlight Awards are closing soon!
Do you know an active ISAO member who is a good fit for the Cybersecurity Award? Nominate them today!
Find the full details and nomination link here๐
https://t.co/6p1M2iCU5t
Nominations for the 2023 Spotlight Awards are open. Do you know an active ISAO member who is a good fit for the Cybersecurity Award? Nominate them today!
Find the full details and nomination link here๐
https://t.co/6p1M2iCU5t
This week on the Cyber5 podcast, we discuss a report that impacts all Cisco VPN routers, which have been end-of-life with a remote code executable needing attention. https://t.co/Vde7O397ak
Wayne Selk, executive director of the CompTIA ISAO, is back to review the latest activity in the Cyber Forums, including the Microsoft June Server Patch release and backups failing. https://t.co/nwjU5vlYzh
Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely on Windows systems. https://t.co/8ogMASpRMl
Phishing campaigns attributed to an advanced threat actor called SideWinder involved a fake VPN app for Android devices published on Google Play Store along with a custom tool that filters victims for better targeting. https://t.co/IduccCxLVZ
Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely.
Read: https://t.co/jL0r10lnAH
#ISAO#Cybersecurity
Microsoft warned of brute-forcing attacks targeting Internet-exposed and poorly secured Microsoft SQL Server database servers using weak passwords. https://t.co/Slh0NEjctM
#ISAO
WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege escalation flaw. https://t.co/AxYBtOE2Q5
#ISAO
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. https://t.co/u6rbmi6HYU
#ISAO
Security researchers have found a new post-exploitation framework that they dubbed IceApple, deployed mainly on Microsoft Exchange servers across a wide geography. https://t.co/rHXi1ivBga
#ISAO
The U.S. Cybersecurity and Infrastructure Security Agency has added a new security vulnerability to its list of actively exploited bugs, the critical severity CVE-2022-1388 affecting BIG-IP network devices. https://t.co/DMKaqMoJgr
#ISAO
Members of the Five Eyes intelligence alliance are warning #MSPs and their customers that they're increasingly targeted by supply chain attacks. https://t.co/0c4fFe3GGL
#ISAO
Yesterday was Microsoft's May 2022 Patch Tuesday, and with it came fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. https://t.co/iuebbpuqRT
#ISAO
The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. https://t.co/z0USnKGPkb
#ISAO