1 March 2021 Weekly Newsletter

BOCRA website




Cisco fixes maximum severity MSO auth bypass vulnerability

                                                     LATEST CYBER HACKS 




Jamaica’s immigration website exposed thousands of travelers’ data

Immigration documents and COVID-19 lab results were left unprotected


Credential-Stuffing Attack Targets Regional Internet Registry

RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.





Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems.



Attackers scan for vulnerable VMware servers after PoC exploit release

After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers.


Google Discloses Details of Remote Code Execution Vulnerability in Windows

Google’s cybersecurity research unit Project Zero on Wednesday disclosed the details of a recently patched Windows vulnerability that can be exploited for remote code execution



Nginx: Server misconfigurations found in the wild that expose websites to attacks

Security researchers at Detectify have discovered a series of middleware misconfigurations in Nginx that could leave web applications vulnerable to attack.





Flash version distributed in China after EOL is installing adware

Security researchers say the Chinese Flash app is behaving lide adware and opening browser windows to show ads.



Powerhouse VPN products can be abused for large-scale DDoS attacks

Botnet operators are abusing VPN servers from VPN provider Powerhouse Management as a way to bounce and amplify junk traffic part of DDoS attacks.



Warning: Google Alerts abused to push fake Adobe Flash updater

Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers.

                               GENERAL NEWS



Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers

Microsoft tapped GitHub's CodeQL to discover whether its source code had been modified in the SolarWinds supply chain attack.


Facebook bans Myanmar military-controlled accounts from its platforms

Facebook announced on Wednesday it has banned almost all Myanmar military-controlled state and media accounts from its platforms, Facebook and Instagram.


Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana


Disclaimer: This information was gathered from multi-trusted feeds and it is not created by COMM-CIRT