{"id":69,"date":"2022-06-22T15:44:37","date_gmt":"2022-06-22T15:44:37","guid":{"rendered":"https:\/\/gcsecurity.us\/?p=69"},"modified":"2023-01-27T19:58:27","modified_gmt":"2023-01-27T19:58:27","slug":"security-bulletin-06-22-22","status":"publish","type":"post","link":"https:\/\/gcsecurity.us\/?p=69","title":{"rendered":"Threat Intelligence Bulletin &#8211; Vulnerable QNAP NAS Devices, Phishing Campaign Delivering Cobalt Strike, and Atlassian Confluence Flaws"},"content":{"rendered":"\n<p>Ransomware targeting vulnerable QNAP Network Attached Storage devices<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/qnap-nas-devices-targeted-by-surge-of-ech0raix-ransomware-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/qnap-nas-devices-targeted-by-surge-of-ech0raix-ransomware-attacks\/<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>PHP flaw in QNAP Network Attached Storage devices leads to RCE vulnerability<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks\/<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Threat analyst outlines phishing campaign delivering Cobalt Strike<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-phishing-attack-infects-devices-with-cobalt-strike\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/new-phishing-attack-infects-devices-with-cobalt-strike\/<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>New NTLM relay attack uses Distributed File System and Namespace Management Protocol to take over domains<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/thehackernews.com\/2022\/06\/new-ntlm-relay-attack-lets-attackers.html\">https:\/\/thehackernews.com\/2022\/06\/new-ntlm-relay-attack-lets-attackers.html<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Large number of flaws found in Siemens\u2019 SINEC network management system, some allowing for RCE<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/thehackernews.com\/2022\/06\/over-dozen-flaws-found-in-siemens.html\">https:\/\/thehackernews.com\/2022\/06\/over-dozen-flaws-found-in-siemens.html<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Atlassian Confluence flaw <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-26134\">CVE-2022-26134<\/a> being exploited to deliver ransomware and crypto miners<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/thehackernews.com\/2022\/06\/atlassian-confluence-flaw-being-used-to.html\">https:\/\/thehackernews.com\/2022\/06\/atlassian-confluence-flaw-being-used-to.html<\/a><\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>Fake voicemail phishing campaign targeting US-based organizations, seeking Office365 and Outlook login credentials<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.helpnetsecurity.com\/2022\/06\/21\/fake-voicemail-office365\/\">https:\/\/www.helpnetsecurity.com\/2022\/06\/21\/fake-voicemail-office365\/<\/a><\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware targeting vulnerable QNAP Network Attached Storage devices https:\/\/www.bleepingcomputer.com\/news\/security\/qnap-nas-devices-targeted-by-surge-of-ech0raix-ransomware-attacks\/ PHP flaw in QNAP Network Attached Storage devices leads to RCE vulnerability https:\/\/www.bleepingcomputer.com\/news\/security\/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks\/ Threat analyst outlines phishing campaign delivering Cobalt Strike https:\/\/www.bleepingcomputer.com\/news\/security\/new-phishing-attack-infects-devices-with-cobalt-strike\/ New NTLM relay attack uses Distributed File System and Namespace Management Protocol to take over domains https:\/\/thehackernews.com\/2022\/06\/new-ntlm-relay-attack-lets-attackers.html Large number of flaws found in Siemens\u2019 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[15,14],"class_list":["post-69","post","type-post","status-publish","format-standard","hentry","category-news","tag-cybersecurity","tag-news"],"_links":{"self":[{"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/posts\/69","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=69"}],"version-history":[{"count":5,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":113,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=\/wp\/v2\/posts\/69\/revisions\/113"}],"wp:attachment":[{"href":"https:\/\/gcsecurity.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcsecurity.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}