Resources

Filter By:
Threat Report
ProxyNotShell: New Exchange 0-day Vulnerabilities
Security Researchers have discovered a new Microsoft Exchange vulnerability actively being exploited but not yet patched by Microsoft.
security general icon
Cybersecurity
eBook
Cybersecurity Pricing and Packaging Guide 2022
SMBs are looking to invest in cybersecurity, and this creates a huge opportunity for MSPs. Read our eBook and learn how you can grow your business with cybersecurity services.
security general icon
Cybersecurity
Threat Report
Microsoft Teams Local Information Disclosure in Windows, Linux, and macOS
Security researchers have disclosed that the Microsoft Teams desktop application stores access tokens in clear-text.
security general icon
Cybersecurity
Threat Report
Patch Tuesday – September 2022
Today, September 13, is Patch Tuesday. Patch Tuesday is the second Tuesday of each month when Microsoft and other vendors, such as Adobe, release security updates to their products to patch discovered vulnerabilities. This month there was patches released for 64 new vulnerabilities with five rated with a severity of Critical, 57 Important, and two Moderate.
security general icon
Cybersecurity
Threat Report
Chrome Extension Banking Trojan Targeting Mexico
On August 20, 2022, the CRU observed a banking trojan delivered via a .zip file with a JavaScript payload. This script then downloaded several files that created persistence on the machine in the form of shortcuts that attempt to open the Google Chrome browser loaded with a planted extension. The goal of this malware was to steal banking credentials, specifically targeting banking logon pages from Mexico, and track victim browsing activity.
security general icon
Cybersecurity
Threat Report
Formbook and Remcos Backdoor RAT
CRU Senior Threat Researcher Stu Gonzalez breaks down a payload the CRU captured in one of our spam traps. This was a Formbook payload that then downloaded the Remcos backdoor RAT.
security general icon
Cybersecurity
Threat Report
Initial Access Brokers
Successful cybercrime attacks often take groups of individuals working together. Some are extremely organized cybercrime syndicates such as the Conti group, but often individual criminals provide services to other criminals as vendors operating through a marketplace. Ransomware-as-a-Service (RaaS) or Botnet-as-a-Service (BaaS) providers regularly advertise their services on forums such as Exploit or XSS and setup affiliate programs. One type of service that can be found within the cybercrime ecosystem is the initial access broker (IAB).
security general icon
Cybersecurity
Threat Report
Follina - A New Microsoft Office 0-day RCE
Follina is a new remote code execution 0-day vulnerability in Microsft Office products.
security general icon
Cybersecurity