25 Mar 2024

HAWKEYE Alert Advisory, CVE, Vulnerability Assessment Permalink

Critical Vulnerabilities Affecting FortiOS, FortiProxy, and FortiClientEMS

HAWKEYE March 25, 2024

Five Fortinet advisories that address vulnerabilities in a variety of products, such as FortiOS and FortiProxy SSLVPN, FortiWLM MEA for FortiManager, and FortiClientEMS, have been highlighted by CISA.

Read More

22 Mar 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

Critical Fixes for March 2024 Patch Tuesday

HAWKEYE March 22, 2024

Microsoft has issued Patch Tuesday for March 2024, fixing 61 security flaws. Two vulnerabilities are categorized as critical in maximum severity in Microsoft advisories; no zero-day vulnerabilities exist in this month’s release.

Read More

04 Mar 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

HAWKEYE March 4, 2024

ConnectWise released a major advisory on February 19, 2024, addressing two extremely serious vulnerabilities affecting ScreenConnect versions 23.9.7 and earlier: CVE-2024-1709, which is rated at a CVSS score of 10.4 – major, and CVE-2024-1708, which is rated at an 8.4 – High CVSS score.

Read More

29 Feb 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-22245: VMware Requests EAP Uninstall ASAP

HAWKEYE February 29, 2024

This week, VMware published a security advisory addressing two vulnerabilities detected in the VMware Enhanced Authentication Plug-in (EAP): one recorded as CVE-2024-22245, with a severity rating of 9.6, and another tracked as CVE-2024-22250, with a rating of 7.8.

Read More

29 Feb 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-21413: Critical MonikerLink Vulnerability in Outlook

HAWKEYE February 29, 2024

An intriguing vulnerability in how Outlook handles particular hyperlinks has been found, and threat actors have been known to use it in the wild. CVE-2024-21413 has been assigned to this issue, and its severity was rated as 9.8 (Critical).

Read More

27 Feb 2024

HAWKEYE Cybersecurity Permalink

Living-Off-the-Land (LOTL) Attack

HAWKEYE February 27, 2024

In a LOTL attack, the hacker uses features and tools already available in the target system to continue the attack without being detected.

Read More

20 Feb 2024

HAWKEYE CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-21762: Critical Fortinet FortiOS Vulnerability

HAWKEYE February 20, 2024

Two serious FortiOS vulnerabilities were discovered by Fortinet’s FortiGuard on February 8, 2024.

Read More

16 Feb 2024

HAWKEYE Alert Advisory, Cybersecurity Permalink

Alert Advisory: Customer Advice Regarding the AnyDesk Incident

HAWKEYE February 16, 2024

Remote Desktop Software AnyDesk recently faced a cyberattack. On February 1st, 2024, AnyDesk revealed that a cyber attack had allowed hackers to get access to the company’s production server and reset its password.

Read More

03 Feb 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-21893: New Ivanti Zero-Day Vulnerability Actively Exploited

HAWKEYE February 3, 2024

Employees, partners, and clients may access business data and apps securely and under control with the help of Ivanti Connect Secure, a VPN solution. It allows mobile and remote employees to access company resources from any web-enabled device.

Read More

22 Jan 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-21591: Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

HAWKEYE January 22, 2024

Junos OS simplifies and fine-tunes network operations, increasing operational efficiency and vital time and resources for top-line growth. Many of the world’s most advanced network deployments run on Junos OS, known for its dependability, security, and adaptability.

Read More

22 Jan 2024

HAWKEYE Alert Advisory, Cybersecurity Permalink

JinxLoader Loader Used to Spread Formbook and XLoader

HAWKEYE January 22, 2024

Based on the Go programming language, JinxLoader is a recently found malware loader that fraud-related actors are now using to spread following payloads, such as Formbook and its XLoader sequel.

Read More

22 Jan 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2024-20272: Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability

HAWKEYE January 22, 2024

Cisco recently resolved a significant security vulnerability in the Unity Connection. Unity Connection is a fully virtualized messaging and voicemail service that works across several platforms, including email inboxes, web browsers, Cisco Jabber, Cisco Unified IP Phone, cellphones, and tablets.

Read More

19 Jan 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2023-39336: SQL Injection Vulnerability in Ivanti Endpoint Manager

HAWKEYE January 19, 2024

Ivanti Endpoint Manager is an all-in-one endpoint management solution. It provides a unified solution for managing user profiles and all client devices that support Windows, macOS, Linux, Chrome OS, and IoT.

Read More

18 Jan 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2023-7028: A Critical Vulnerability Affecting GitLab

HAWKEYE January 18, 2024

GitLab is a web-based DevOps lifecycle solution developed by GitLab Inc. that provides unparalleled visibility and productivity throughout the whole DevOps lifecycle in a single application.

Read More

05 Jan 2024

HAWKEYE Alert Advisory, CVE, Cybersecurity, Vulnerability Assessment Permalink

CVE-2023-7102: UNC4841 Targets Barracuda ESG

HAWKEYE January 5, 2024

The Barracuda Email Security Gateway Appliance (ESG) Vulnerability security advisory highlights the ESG vulnerability CVE-2023-7102 that was discovered during an ongoing investigation.

Read More

31 Dec 2023

HAWKEYE Alert Advisory, CVE, Cybersecurity, Managed SOC Services, Vulnerability Assessment Permalink

CVE-2023-50164: Apache Struts Path Traversal Vulnerability

HAWKEYE December 31, 2023

Threat actors began attempting to exploit CVE-2023-50164, a critical-severity remote code execution (RCE) vulnerability affecting Apache Struts, an open-source framework used to develop Java Web applications, on December 13, 2023.

Read More

22 Dec 2023

HAWKEYE Alert Advisory, Cybersecurity, Ransomware Protection, Vulnerability Assessment Permalink

Enterprise Applications are at Risk from Serious Atlassian Vulnerabilities

HAWKEYE December 22, 2023

Threat actors have historically targeted Atlassian vulnerabilities in products affected by the four vulnerabilities described below to achieve goals such as data exfiltration and ransomware deployment.

Read More

21 Dec 2023

HAWKEYE Advanced Persistent Threat, Alert Advisory, Cyber Threat Management, Cybersecurity Permalink

A New KV-Botnet Is Using Stealthy Attacks to Target Cisco, DrayTek, and Fortinet Devices

HAWKEYE December 21, 2023

Since at least 2022, a highly capable botnet known as the “KV-botnet” has been associated with the Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette), which attacks SOHO routers in high-value targets.

Read More

29 Nov 2023

HAWKEYE Alert Advisory, CVE, Cybersecurity, Managed SOC Services, SIEM Permalink

CVE-2023-36553: Command Injection Vulnerability in FortiSIEM

HAWKEYE November 29, 2023

Fortinet, a major cybersecurity company, recently published an advisory regarding a critical vulnerability affecting its FortiSIEM Report Server.

Read More

28 Nov 2023

HAWKEYE Advanced Persistent Threat, Alert Advisory, Cybersecurity, Threat Hunting Permalink

DarkCasino: A New Emerging APT Threat Exploiting a WinRAR Flaw

HAWKEYE November 28, 2023

NSFOCUS researchers examined the DarkCasino attack pattern, which exploited the WinRAR zero-day vulnerability identified as CVE-2023-38831. The financially motivated APT group conducted phishing operations against forum participants via online trading forum posts using specially generated archives.

Read More