TT-CSIRT – 453.24.09.25 – Shai-Hulud Self-Replicating Worm Supply Chain Compromise
Please be advised, CISA has issued a critical alert regarding a widespread supply chain attack involving npmjs.com, the largest JavaScript package registry. A self-replicating worm named “Shai-Hulud” has compromised over…
Read MoreTT-CSIRT – 452.23.09.25 – Security Alert: New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evades Detection
Please be aware, newly discovered is a sophisticated new attack framework called Inboxfuscation, developed by Permiso Security to demonstrate critical vulnerabilities in Microsoft Exchange inbox rule detection systems. This Unicode-based…
Read MoreTT-CSIRT – 451.13.09.25 – Malware Alert: Azure Function Abuse
Please be advised there has been a discovery of a highly evasive attack using a malicious ISO image named Servicenow-BNM-Verify.iso, containing four files, with two openly visible and two hidden.…
Read MoreTT-CSIRT – 450.29.08.25 – FreePBX Vulnerability
Please be advised, A critical vulnerability has been discovered in the FreePBX Endpoint module, affecting versions 15, 16, and 17. The vulnerability arises from improper sanitization of user-supplied data, which can…
Read MoreTT-CSIRT – 449.22.08.25 – Microsoft 365 ADFS Exploit
Please be advised, a sophisticated phishing campaign have been uncovered, that exploits Microsoft’s Active Directory Federation Services (ADFS) to create legitimate-looking login URLs that redirect users to malicious credential-harvesting sites,…
Read MoreTT-CSIRT – 448.16.08.25 – Windows Out-of-Box-Experience (OOBE) Exploit
Be advised, a new security vulnerability has been identified to exploit Windows Out-of-Box-Experience (OOBE) that bypasses existing protections, granting administrative command line access to Windows machines. The vulnerability allows low-privileged domain…
Read More