#APT

By Jung soo An and Asheer Malhotra, with contributions from Kendall McKay. Cisco Talos has observed a new malware campaign operated by the Kimsuky APT group since June 2021.Kimsuky, also known as Thallium and Black Banshee, is a North Korean state-sponsored advanced... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let’s start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didn’t get there. Autodiscover leak discovered by Guardicore Labs “Autodiscover, a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook, […]

APT actors are exploiting a recently-discovered flaw in ManageEngine's self-service password management product. Categories: Exploits and vulnerabilities Tags: adselfservice plus APT cgcyber cisa cve-2021-40539 fbi managengine Zoho *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/fbi-and-cisa-warn-of-apt-groups-exploiting-adselfservice-plus/ ) )* The post FBI and CISA warn of APT groups exploiting ADSelfService Plus appeared first on Malwarebytes Labs.