02 June 2021 Weekly Newsletter


BOCRA website




Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!

                                                     LATEST CYBER HACKS 




Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks

Potential victims are sent phishing documents branded with the United Nations' Human Rights Council (UNHRC) logo. Named UgyhurApplicationList.docx, this document contains decoy material relating to discussions of human rights violations. 


Fujitsu suspends ProjectWEB platform after Japanese government hacks

Japanese tech giant Fujitsu has temporarily taken down its ProjectWEB enterprise software-as-a-service (SaaS) platform after hackers gained access to its systems and stole files belonging to multiple Japanese government entities.





SonicWall Patches Command Injection Flaw in Firewall Management Application

SonicWall reveals in a security advisory, is an OS command injection flaw that could be exploited by an attacker who has already been able to authenticate to a vulnerable system. The fact that authentication is required for exploitation lowers the severity of the flaw.



XSS Vulnerability Found In ReDi Restaurant Reservation WordPress Plugin

Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer's integrated development environment (IDE).



XSS Vulnerability Found In ReDi Restaurant Reservation WordPress Plugin Attribution

A serious security vulnerability existed in the WordPress plugin ReDi Restaurant Reservation. Specifically, researchers found an XSS vulnerability in the plugin that allowed an adversary to steal sensitive customer data.





Malware Can Use This Trick to Bypass Ransomware Defence in Antivirus Solutions

Researchers have disclosed significant security weaknesses in popular software applications that could be abused to deactivate their protections and take control of allow-listed applications to perform nefarious operations on behalf of the malware to defeat anti-ransomware defences.



Epsilon Red: A New Ransomware in the Threat Landscape

New ransomware written in Golang called Epsilon Red was recently unearthed by security experts. This ransomware is delivered as the final executable payload in a human-controlled attack. According to Sophos analysts, it was observed in attacks aimed at U.S.-based hospitality businesses.



Facefish Backdoor delivers rootkits to Linux x64 systems

Cybersecurity experts from Qihoo 360 NETLAB published details about a new backdoor, dubbed Facefish, which can be used by threat actors to steal login credentials and executing arbitrary commands on Linux systems.

                               GENERAL NEWS




FBI To Share Pwned Passwords With HIBP As It Goes Open Source

The popular resource helping people with managing breached passwords, Have I Been Pwned, brings some interesting updates. At first, Troy Hunt has announced making HIBP open source. Secondly, the FBI has pledged to officially share all pwned passwords with HIBP.



Docker Honeypot Reveals Cryptojacking as Most Common Cloud Threat

Misconfigured Docker daemons allow remote attackers to gain full control over a Docker instance and perform operations, such as deploying new containers and even escalating to the host.



Microsoft Introduced SimuLand – An Open-Source Lab Testing Real-Time Attacks

Microsoft recently released a useful tool for the cybersecurity community. Named as ‘SimuLand’, the tool is an open-source project from Microsoft that allows testing real-time attack scenarios.


Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana


Disclaimer: This information was gathered from multi-trusted feeds and it is not created by COMM-CIRT