Search results

A cyber actor using previously documented intrusion tools has targeted major international Managed Service Providers (MSP’s) within Enterprise Services and Cloud Hosting businesses since at least May 2016.

CareCERT is aware of a recent spam email campaign which uses spoofed @hscic.gov.uk and @nhs.net email addresses to deliver a malicious link which, when clicked, downloads a malicious JavaScript attachment containing malware.

The Internet Systems Consortium (ISC) has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition.

A vulnerability found in Microsoft’s Internet Information Services (IIS) web server technology has been publicly detailed along with proof of concept exploit code.

IBM has released a security update to address a vulnerability in IBM Domino server IMAP EXAMINE. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system

Google has released Chrome version 58.0.3029.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker may exploit to take control of an affected system.

Gh0stRAT is a remote access trojan affecting Windows platforms and has been used to hack into some of the most sensitive computer networks in the world. It is generally distributed via spam emails.

A fake SEO plugin is being used by attackers to compromise WordPress installations. The plugin is called WP-Base-SEO, and is a forgery of a legitimate search engine optimization plugin called WordPress SEO Tools.

Drupal has released an advisory to address a vulnerability in Drupal core 8.x versions prior to 8.2.8 and 8.3.1. A remote attacker could exploit this vulnerability to obtain sensitive information

The Shadow Brokers advanced persistent threat group are well known for auctioning off stolen dumps of exploits, implants and tools reportedly obtained from the NSA.