Witchetty

Updated on 2022-09-30 In an ongoing cyberespionage campaign, the hacking group Witchetty has been found targeting two governments in the Middle East and a stock exchange in Africa. It is believed that Witchetty has close ties with the state-backed Chinese threat actor APT10, aka Cicada, and is also a part of the TA410 operatives. Read …

Potentially New Microsoft Exchange Zero-Day Flaw Actively Exploited

Updated on 2022-09-30 Zero-day remote code execution vulnerabilities in Microsoft Exchange servers are being actively exploited, according to researchers from GTSC. The flaws can be chained to deploy web shells on vulnerable servers. The GTSC researchers notified Microsoft of the vulnerabilities three weeks ago via the Zero Day Initiative, which has given them identifiers: ZDI-CAN-18333 …

New ESXi persistence technique

Updated on 2022-09-30 Mandiant discovered new espionage-related malware families—VIRTUALPITA and VIRTUALPIE—targeting VMware ESXi, Windows virtual machines, and Linux vCenter servers to gain persistent administrative access. Read more: Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors Overview Mandiant discovered a new persistence technique used against VMware ESXi systems where threat actors gained access …

ZINC APT

Updated on 2022-09-30 ZINC, a North Korean government hacking group and an affiliate of Lazarus, has been found weaponizing several open-source software packages, including KiTTY, PuTTY, TightVNC, muPDF/Subliminal Recording, and Sumatra PDF Reader, with custom malware capable of espionage, financial gain, data theft, and network destruction. Read more: North Korean Gov Hackers Caught Rigging Legit …

MC441066: Microsoft Bookings Mobile Apps will not be available on Google Play store and Apple App Store from December 1, 2022

Microsoft Bookings is part of Microsoft 365 suite of products. It is currently available on the Web, as a Teams App and also as Mobile Apps on Google Play store and Apple App store. We will be retiring the Mobile Apps for Android and iOS on December 1, 2022 and we will be investing our …

MC441065: Microsoft Purview | Information Protection: Maintain label when creating PDF files from VBA in Office apps (preview)

As recently announced, Microsoft Office is shipping a new feature that enables PDFs created from Office using Export to PDF to inherit the source document’s labels or encryption. Some VBA add-ins may need to be updated to avoid issues when post-processing an encrypted PDF. With this rollout, we are introducing a temporary mitigation to allow …

MC441064: Exchange Online Customizable Message Expiration Timeout Interval Coming Soon

A common request from Exchange Online admins is for the ability to customize the message expiration timeout interval for messages sent by users in their organization. When a message in Exchange Online can’t be delivered or sent due to a temporary error, the message is queued for subsequent retries until either the message is delivered …

MC441063: Microsoft Bookings – Old Web Version Will Be Retired on November 14

Microsoft Bookings is part of the Microsoft 365 Suite of products and is available through most commercial SKUs. It is available on the Web. The new version of Bookings was launched last year and is the default experience for all new users. This version introduces many new features. Currently, users have the option to switch …

Chaos Cross-Platform Malware Botnet

Updated on 2022-09-30 Researchers from Lumen’s Black Lotus Labs “recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux.” Dubbed Chaos, the malware uses infected devices for cryptomining and launching distributed denial-of-service (DDoS) attacks. Note While Chaos appears to have roots in the Kanji malware, it is considerably more advanced. This …

IRS warning

Updated on 2022-09-29 The US Internal Revenue Service issued an alert this week warning about a “significant increase” in IRS-themed texting scams aimed at stealing personal and financial information. Read more: IRS reports significant increase in texting scams; warns taxpayers to remain vigilant So far in 2022, the IRS has identified and reported thousands of …

Fast Company hacked

Updated on 2022-09-29: FastCompany hacked News media outlet FastCompany said that a threat actor hacked its CMS on Tuesday and sent out obscene and racist push notifications to its customers through its Apple News account, which was connected to the CMS backend. Fast Company’s Apple News account was hacked on Tuesday evening. Two obscene and …
