AUCloud Cyber Security Threat Intel Alert 28-Mar-24

The latest weekly report is out and in the AUCloud Cyber Threat Intelligence Report we reveal:

  • New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts: Tycoon 2FA is a new phishing-as-a-service (PhaaS) platform currently being used to bypass two-factor authentication (2FA) protection on Microsoft 365 and Gmail accounts.

  • China-linked group breaches networks via Connectwise, F5 software flaws: Security flaws in Connectwise ScreenConnect and F5 BIG-IP software have been exploited to deploy custom malware capable of delivering additional backdoors on compromised Linux hosts.

  • Russian hackers exploit ‘WINELOADER’ malware in targeted attacks on German political parties: Recent cyber-attacks on diplomatic entities through wine-tasting themed phishing emails have been linked to a hacking group associated with Russia’s Foreign Intelligence Service (SVR).

  • Fortinet Vulnerability PoC Released Amid Active Exploits: Security researchers have developed a proof-of-concept (PoC) exploit for a critical remote code execution (RCE) vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS) software, currently under active exploitation.

Access the full report and automatically subscribe to future editions.

Get it for free now!