Active VPN Reconnaissance Campaign from Russia Based IP

Event Summary: Security On-Demand has discovered a Russian-based IP performing an active VPN scanning and password spraying campaign. This IP was observed performing this activity as of May 30, 2021. We are taking this opportunity to alert our client base and recommend any preemptive actions to […]

‘Fancy Product Designer’ Website Plugin Zero-Day Vulnerability

2 June, 2021. Event Summary: On May 31, 2021, the Wordfence Threat Intelligence team discovered and disclosed a critical file upload vulnerability in the ‘Fancy Product Designer’ plugin. This vulnerability affects both WordPress and WooCommerce websites and allows for Remote Code Execution (RCE). The Fancy Product Designer plugin exists […]

Threat Flash Alert: Nobelium Spear-Phishing Campaign

Executive Summary: Microsoft’s Threat Intelligence Center (MSTIC) has released an advisory pertaining to a new spear-phishing campaign by the Russian threat group dubbed Nobelium. Nobelium has been labeled responsible for the SolarWinds compromise that took place in 2020. The start date for this campaign dates back to January […]

Threat Flash Alert: RCE Vulnerability in VMware Center

Event Summary: VMware has released a critical advisory regarding multiple vulnerabilities in their vCenter machines using the default configuration. This affects the vSphere Client (HTML5). This vulnerability has a CVSS rating of 9.8 out of 10. Details – CVE-2021-21985: The vSphere Client (HTML5) contains a remote code […]

Web Shells and How to Avoid the Backdoor Action We Really Don’t Want

By Evan Stewart. For many years, web shells have been used for legitimate administration and remote management of enterprise network assets. However, threat actors slowly started to twist web shells to serve their ploys for illegitimate gains. Now, malicious web shells […]

Top 8 Cybersecurity Best Practices for 2021

If you are in the IT profession, you most likely manage risk and uphold cybersecurity best practices in what you do every day. Information Technology’s modern business role is to enable business to be transacted seamlessly, conveniently and securely. To achieve some balance of enabling and securing the […]