AUCloud Cyber Security Threat Intel Alert 28-Mar-24

The latest weekly AUCloud Cyber Threat Intelligence Report is out. In it we reveal:

  • New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts: Tycoon 2FA is a new phishing-as-a-service (PhaaS) platform currently being used to bypass two-factor authentication (2FA) protection on Microsoft 365 and Gmail accounts.

  • China-linked group breaches networks via ConnectWise, F5 software flaws: Security flaws in ConnectWise ScreenConnect and F5 BIG-IP software have been exploited to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts.

  • Russian hackers exploit ‘WINELOADER’ malware in targeted attacks on German political parties: Recent cyber-attacks on diplomatic entities through wine-tasting themed phishing emails have been linked to a hacking group associated with Russia’s Foreign Intelligence Service (SVR).

  • Fortinet Vulnerability PoC Released Amid Active Exploits: Security researchers have developed a proof-of-concept (PoC) exploit for a critical remote code execution (RCE) vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS) software, currently under active exploitation.

Access the full report and automatically subscribe to future editions.