CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Rise in Cyber Attacks from Iran
CISA and Microsoft are warning administrators to be on high alert following a recent spate of cyber-attacks launched by Iranian-backed hacking groups. The APT groups are looking to exploit common vulnerabilities in older versions of Fortinet FortiOS, as well as the Microsoft Exchange ProxyShell vulnerability. Administrators need to ensure their devices are patched and hardened against these attacks.
FatPipe Zero-Day Flaw
In a recent Flash alert, the FBI disclosed that it has observed the exploitation of a zero-day vulnerability in the FatPipe MPVPN device software. Hackers who manage to exploit this vulnerability can gain access to an unrestricted file upload function and drop a webshell for exploitation activity with root access, which can lead to further exploitation of the organization’s network. FatPipe recently released a patch for the zero-day vulnerability.
North Korean Cyber Espionage
Proofpoint disclosed that North Korean APT group TA406 has launched intense credential theft phishing campaigns this year. The hacking group’s activity level increased significantly in 2021, with almost weekly campaigns targeting foreign policy experts, journalists and NGOs. TA406 is a dangerous group known to engage in espionage, cyber-crime and sextortion, and its main targets are entities of interest to the North Korean government.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)