| Mar 1, 2022 Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine This week, ESET researchers discovered three new cyber attacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper.
| Feb 24, 2022 Flash Notice: [New Malware] - CISA Warns of Renewed Russian Threat as New Activity is Seen in Ukraine Tension between Russia and Ukraine is at an all-time high. While there are currently no credible threats to the U.S., there is still imminent possibility.
| Feb 22, 2022 Flash Notice: [CVE-2021-24086] Critical RCE Bug in Adobe Commerce, Magento On February 18, 2022, Adobe released a patch for CVE-2021-24086 that fixes an RCE bug in the Magento Open Source and Adobe Commerce platforms.
| Feb 15, 2022 Flash Notice: Moxa MXview Network Management Software has Critical Security Flaws On February 14, 2022, researchers from Claroty’s Team82 disclosed several security flaws in the Moxa MXview web-based network management system.
| Feb 9, 2022 Flash Notice: LockBit 2.0 - FBI Releases New IoCs for Ransomware Attacks On Friday, February 4, 2022, the FBI released technical details and new indicators of compromise associated with LockBit 2.0.
| Jan 26, 2022 Flash Notice: “PwnKit”: Linux PolicyKit Security Vulnerability Discovered in Polkit’s Pkexec, Hiding in Plain Sight for 12 years A memory corruption vulnerability was discovered in Polkit’s pkexec. CVE-2021-4034, aka PwnKit, could allow unprivileged users to gain root privileges by exploiting it in its default configuration.
| Jan 26, 2022 Flash Notice: Threat Actors Target SonicWall RCE Vulnerability (CVE-2021-20038) New exploits of a critical vulnerability (CVE-2021-20038) affecting SonicWall's Secure Mobile Access (SMA) gateway was discovered yesterday.
| Jan 18, 2022 Flash Notice: Microsoft Warns - Ukrainian Organizations Targeted by Destructive Malware Disguised as Ransomware Microsoft published a report detailing their discovery of malware disguised as ransomware being used to corrupt systems of several Ukrainian organizations.
| Jan 3, 2022 Flash Notice: Y2K22? Microsoft Exchange Server Breaks as we Welcome the New Year As the clock struck midnight on 1/1/2022, Microsoft had an unexpected hiccup with its Exchange servers, which meant the servers couldn't process mail.
| Dec 13, 2021 Flash Notice: (UPDATED) Zero-Day Vulnerability - Log4Shell is a Critical Threat to Applications Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell ((CVE-2021-44228).
