Project Hyphae

Threats

the latest cybersecurity threat alerts

LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions Article Link: https://thehackernews.com/2023/03/lockbit-30-ransomware-inside.html BianLian Ransomware Crew Goes 100% Extortion After Free Decryptor

Microsoft released a PowerShell script (KB5025175) for CVE-2022-41099 that allows an attacker to utilize WinRE images to bypass BitLocker device encryption

CVE-2023-23397 CVSSv3: 9.8 *Please install Microsoft’s March patches as soon as possible on systems with Outlook. Microsoft has released a zero-day

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability, CVE-2023-26360, that affects Adobe ColdFusion 2018 and 2021 versions

AT&T Alerts 9 million Customers of Data Breach After Vendor Attack Article Link: https://www.bleepingcomputer.com/news/security/atandt-alerts-9-million-customers-of-data-breach-after-vendor-hack/ Cyberattacks on School Districts, Like the One

CVE-2023-25610 CVSSv3: 9.3 Fortinet has released a critical patch that remediates a newly discovered remote code execution (RCE) vulnerability. This vulnerability

A proof-of-concept (PoC) for a critical vulnerability in Microsoft Word that allows remote code execution has been published. Assigned a severity

Threat Actors Target Law Firms with GootLoader and SocGholish Malware Article Link: https://securityaffairs.com/142888/cyber-crime/law-firms-gootloader-socgholish-malware.html Vulnerabilities of Years Past Haunt Organizations, Aid Attackers

ESET announced it has identified and analyzed 6 installers for the BlackLotus bootkit malware. This malware, which leverages the year old

NSA Shares Guidance on how to Secure Your Home Network Article Link: https://www.bleepingcomputer.com/news/security/nsa-shares-guidance-on-how-to-secure-your-home-network/ Defenders on High Alert as Backdoor Attacks Become

VMware has released patches for a critical security vulnerability affecting its Carbon Black App Control product. The vulnerability, tracked as CVE-2023-20858,

Twitter will soon drop support for SMS Multi-Factor Authentication, whereby users receive a text message with a numeric code to verify

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.