The Gootkit malware framework, which has been recognized for distributing banking Trojans, has recently undergone significant enhancements that enable it to deliver a broader spectrum of malicious software, including ransomware variants. According to researchers from Sophos, Gabor Szappanos and Andrew Brandt, the Gootkit malware family has been in existence for…
On Friday, Microsoft issued a grave warning regarding the active exploitation of vulnerabilities in unpatched Microsoft Exchange Servers affecting numerous organizations globally. The cyberattack campaigns reportedly compromise tens of thousands of businesses and government bodies across the United States, Europe, and Asia. The company’s security team reported a significant escalation…
In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…
Following Microsoft’s recent release of a mitigation tool aimed at addressing cyberattacks targeting on-premises Exchange servers, the company reported that 92% of the internet-facing servers affected by the ProxyLogon vulnerabilities have been patched. This marks a substantial improvement of 43% from the previous week, closing a tumultuous period rife with…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
Recent cybersecurity reports indicate that threat actors are actively exploiting a critical security vulnerability in Veeam Backup & Replication software to deploy ransomware variants such as Akira and Fog. Sophos, a recognized cybersecurity vendor, has noted ongoing attacks that utilize compromised VPN credentials alongside the CVE-2024-40711 vulnerability to gain unauthorized…
Recently patched security vulnerabilities affecting Progress Kemp LoadMaster and VMware vCenter Server have been reported as actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted the severity of these issues on Monday, adding CVE-2024-1212—which has received a maximum severity score of 10.0—to its Known Exploited…
Sophos Issues Critical Security Hotfixes for Firewall Vulnerabilities Sophos has recently released crucial security hotfixes addressing three vulnerabilities within its Firewall products. These flaws could potentially be exploited to facilitate remote code execution, granting unauthorized privileged access to attackers under specific conditions, posing significant risks to organizations reliant on these…
Recent reports indicate a worrying trend among ransomware groups that are increasingly employing remote encryption methods in their cyberattacks. This evolution signifies a notable escalation in the strategies utilized by financially motivated actors seeking to amplify the efficacy of their operations. Mark Loman, the Vice President of Threat Research at…
