A recent publication demonstrated that several Play ransomware intrusions seem to have been caused by the Microsoft Exchange ProxyNotShell vulnerabilities CVE-2022-41040 and CVE-2022-41082. In each instance, the relevant logs and ruled there was no evidence of the exploitation of CVE-2022-41040 for initial access. Instead, it appears that the PoC was made directly through Outlook Web
Researchers from the Google Threat Analysis research organization discovered an incident associated with the APT37 hackers’ group that has been exploiting an official Internet Explorer zero-day vulnerability. Threat actors attempted to exploit the vulnerability using a weaponized document that was used to target the victims from South Korea also this APT37 believed to be a
What is incident response? Incident response (sometimes called cybersecurity incident response) is an organization’s systems and procedures for finding and responding to cyberthreats, security breaches, or cyberattacks. The goal of event response is to prevent cybercrime before it happens, and to minimize the cost and business disruption caused by any cybercrime that occurs. An enterprise
Cyberattacks are frequent and indiscriminate, targeting small and large companies alike. Research shows that over 60% of businesses around the globe have endured a cybersecurity incident, and over 50% of those attacks had been directed to smaller companies. Handling a cyber scam may deplete a business’s resources. For example, a denial-of-service attack against INRS, a
