Star Support

We Love Our Clients!

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability

CISA - Alerts /

SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov […]

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability Read More »

Progress Software Releases Security Advisory for MOVEit Transfer

CISA - Current Activity /

Progress Software has released a security advisory for a vulnerability in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to review the MOVEit Transfer Advisory, follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity.

Progress Software Releases Security Advisory for MOVEit Transfer Read More »

CISA Warns of Hurricane/Typhoon-Related Scams

CISA - Current Activity /

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures (TTPs). Social engineering TTPs include phishing attacks that use email or malicious websites to solicit personal information by posing as

CISA Warns of Hurricane/Typhoon-Related Scams Read More »

CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land”

CISA - Current Activity /

Today, CISA joined the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners in releasing a joint cybersecurity advisory highlighting recently discovered activities conducted by a People’s Republic of China (PRC) state-sponsored cyber threat actor.  This advisory highlights how PRC cyber actors use techniques called “living off the land” to evade

CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land” Read More »

People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

CISA - Alerts /

Summary The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon. Private sector partners have identified that this activity affects networks across U.S. critical infrastructure

People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection Read More »

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

CISA - Current Activity /

Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF) Read More »

#StopRansomware: BianLian Ransomware Group

CISA - Alerts /

Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov

#StopRansomware: BianLian Ransomware Group Read More »

CISA and Partners Release BianLian Ransomware Cybersecurity Advisory

CISA - Current Activity /

CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory. To reduce the likelihood and impact of BianLian and other ransomware incidents, CISA encourages organizations to implement mitigations

CISA and Partners Release BianLian Ransomware Cybersecurity Advisory Read More »

CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability

CISA - Current Activity /

CISA and FBI have released a joint Cybersecurity Advisory (CSA), Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability (CVE-2023-27350). FBI observed malicious actors exploit CVE-2023-27350 beginning in mid-April 2023 and continuing through the present. In early May 2023, FBI observed a group

CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability Read More »

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

CISA - Alerts /

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF and enables an unauthenticated actor to execute malicious code remotely without credentials. PaperCut released

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG Read More »