Threat Intelligence Bulletin – Vulnerable QNAP NAS Devices, Phishing Campaign Delivering Cobalt Strike, and Atlassian Confluence Flaws

June 22, 2022

Ransomware targeting vulnerable QNAP Network Attached Storage devices

https://www.bleepingcomputer.com/news/security/qnap-nas-devices-targeted-by-surge-of-ech0raix-ransomware-attacks/

PHP flaw in QNAP Network Attached Storage devices leads to RCE vulnerability

https://www.bleepingcomputer.com/news/security/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks/

Threat analyst outlines phishing campaign delivering Cobalt Strike

https://www.bleepingcomputer.com/news/security/new-phishing-attack-infects-devices-with-cobalt-strike/

New NTLM relay attack uses Distributed File System and Namespace Management Protocol to take over domains

https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html

Large number of flaws found in Siemens’ SINEC network management system, some allowing for RCE

https://thehackernews.com/2022/06/over-dozen-flaws-found-in-siemens.html

Atlassian Confluence flaw CVE-2022-26134 being exploited to deliver ransomware and crypto miners

https://thehackernews.com/2022/06/atlassian-confluence-flaw-being-used-to.html

Fake voicemail phishing campaign targeting US-based organizations, seeking Office365 and Outlook login credentials

https://www.helpnetsecurity.com/2022/06/21/fake-voicemail-office365/

Tags:Cybersecurity, News