Monthly Security Digest for September
Every month, we cover the major security events for our clients. Please find an exclusive selection below.
New Microsoft Exchange Zero-Day Vulnerabilities
Microsoft has shared mitigation measures to block two zero-day security vulnerabilities that affect Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker. […]
Novel Malware Backdoors VMware ESXi Servers
Threat actors are using a novel method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux. The attackers use malicious vSphere Installation Bundles to install two backdoors on the bare-metal hypervisor that researchers have named VirtualPita and VirtualPie. Researchers also uncovered a unique malware sample that they called VirtualGate, which includes a dropper and a payload. […]
Microsoft Teams GIFShell Attack
The newly published GIFShell attack method operates through Microsoft Teams. According to security researchers, the technique enables bad actors to exploit several Microsoft Teams features to act as a command-and-control (C&C) channel for malware and to exfiltrate data using GIFs without being detected by EDR and other network monitoring tools. […]