Threat Intelligence
Vulnerability Alert: CVE-2024-21410 and CVE-2024-21413 affecting Microsoft Products
Amaru would like to draw your attention to a crucial alert we received from the National Cyber Security Centre (NCSC) regarding two zero-day vulnerabilities discovered in Microsoft products. These vulnerabilities pose severe threats to the security of organisations and individuals alike. Vulnerability Details: 1. CVE-2024-21410 – Microsoft Exchange Server:...
[Security Advisory] SVR cyber actors adapt tactics for initial cloud access
AMARU would like to draw your attention to an advisory published by the UK’s National Cyber Security Centre (NCSC UK) which details recent tactics, techniques and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes or Cozy Bear. The NCSC UK and international partners assess that APT29 is a cyber espionage...
[Security Advisory] Critical Vulnerability Being Exploited In ScreenConnect
Overview: On February 19th, 2024, ConnectWise released a security advisory for its remote monitoring and management (RMM) software. The advisory highlighted two vulnerabilities that impact older versions of ScreenConnect and have been mitigated in version 23.9.8 and later. CVE-2024-1709 (CWE-288) — Authentication Bypass Using Alternate Path or Channel...
[Security Advisory] Active Exploitation of Unpatched VMware ESXi Servers
Amaru’s MDR is aware of an active ransomware campaign targeting unpatched VMware ESXi hosts facing the public internet. On February 3rd, 2023, the French National CERT first reported a threat actor campaign targeting VMware ESXi hypervisors with the aim of deploying ransomware. The initial access vector is CVE-2021-21974, a vulnerability that allows an...
Possible Okta Breach By Threat Actor
Okta has provided additional information on the timeline of the incident affecting their services. In summary, the Okta service confirmed the breach by the Lapsus$ group yesterday. Okta has confirmed: ‘The Okta service is fully operational, and there are no corrective actions our customers need to take.’ Okta has also concluded that a small percentage of...