This Joint Cybersecurity Advisory highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This campaign includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine.
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user, depending on the privileges associated with the user.
The NJCCIC recently reported on malicious QR codes used in multiple quishing campaigns impersonating human resources or information technology. The NJCCIC’s email security solution observed a similar quishing campaign attempting to deliver malicious QR codes.
The NJCCIC observed several compromised government email accounts sending phishing emails to the user’s contacts, attempting to compromise additional accounts. Using legitimate accounts increases the likelihood of successful attacks as these messages come from...
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified endpoint management solution that enables organizations to securely manage...
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe produces software that is used for creating and publishing a wide variety of content including graphics, photography, illustration, and more.
Multiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete...
The NJCCIC observed an uptick in employment scams that target and exploit individuals seeking employment. Threat actors first perform reconnaissance on their targets, gathering information from various sources, such as past data breaches, publicly disclosed data...
The Federal Bureau of Investigation (FBI) released this FBI Liaison Alert System (FLASH) to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with 5Socks and Anyproxy cyber criminal services' targeting malware that affects EOL
