Threat Alerts

Microsoft: Outlook email sending issues for users with lots of folders

A new issue affecting Outlook for Microsoft 365 users has been identified; it causes
email-sending problems for those with too many nested folders.

AutoSpill attack steals credentials from Android password managers

Security researchers developed a new attack, named “AutoSpill”, to steal account credentials
on Android during the autofill operation.

50K WordPress Sites Exposed to Remote Code Execution Attacks by Critical Bug in Back Up Plugin

A critical-severity vulnerability has been identified in a WordPress plugin with more than 90,000 installs….

Active Campaign Targeting VOIP IPBX 3CX DesktopApp

Voice Over IP (VOIP) IPBX software development company 3CX has fallen victim to a supply
chain cyberattack….

Microsoft to retire its Support Diagnostic Tool (MSDT) in 2025

Microsoft announced that it will retire Microsoft Support Diagnostic Tool (MSDT) troubleshooters in future versions of Windows…

Massive ESXiArgs Ransomware Attack Targets VMware ESXi Servers Worldwide

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has released a
recovery script for organizations that have fallen victim to ESXiArgs ransomware.

Beware of Fake Online Trading or Investment Scams

During the last few weeks, CERT-MU has observed a peak in incidents related to online trading
or investment scams, in which Mauritians have suffered financial loss.

Microsoft: Exchange Server 2013 reaches end of Support in 90 days

Microsoft has issued a communique on 12th January 2023 to inform customers that its Microsoft Exchange
Server 2013 will reach its extended end-of-support (EOS) date 90 days from now, on April 11, 2023.

New Prestige Ransomware Targets Organizations in Transport and Logistics Sectors

According to Microsoft research and analysis, a new ransomware dubbed “Prestige” is
currently being used to target transportation and logistics organizations.

Windows Mark of the Web Bypass Zero-Day Vulnerability

A zero-day vulnerability has been identified in the Windows Mark of the Web (MotW) security
mechanism.

Microsoft Releases Patch for Windows TLS Handshake Failures

A vulnerability has been identified in Microsoft Windows client and server platforms that can
affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections.

Multiple Vulnerabilities in HP devices

Multiple firmware vulnerabilities have been identified in a broad range of HP devices used in
enterprise environments; they could be exploited by remote attackers to execute arbitrary code.

Cisco SD-WAN vManage Software Unauthenticated Access to Messaging Services Vulnerability

A vulnerability identified in the binding configuration of Cisco SD-WAN vManage
Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0
logical network to also access the messaging service ports on an affected system.

Apple Zero Day Vulnerabilities

Apple has released a security update fixing two zero-day Common Vulnerabilities and Exposures (CVEs) that it states are being actively exploited.

IBM QRadar SIEM Vulnerability

IBM QRadar SIEM 7.3, 7.4, and 7.5 are vulnerable to local privilege escalation if this can be combined with other unknown vulnerabilities.

Phobos Ransomware: A threat to the Healthcare Service Providers

As per the cyber threat intelligence gathered by CERT-MU’s Security Operations Centre (SOC), it
was found that a new ransomware strain known as Phobos Ransomware is in circulation and is
targeting healthcare service providers.

CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability “Follina”

A critical zero-day vulnerability known as “Follina” (CVE-2022-30190) targeting Microsoft Windows systems has been identified.

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

A high-severity vulnerability has been identified in the Google Chrome browser and is being actively exploited in the wild.

WhisperGate or IsaacWiper or HermeticWiper: Destructive Malware Targeting Organizations

Destructive malicious programs are in circulation. Dubbed WhisperGate, IsaacWiper or HermeticWiper, this destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data.

TLStorm Vulnerabilities: Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infrastructure

Three critical security vulnerabilities dubbed “TLStorm” have been identified in APC Smart-UPS devices, which number about 20 million in deployment worldwide.
