Tag: Vulnerability Alert
-
Docusign Phishing Attacks Security Bulletin
The TorchLight Security Operations Center has seen a massive increase in fake Docusign phishing emails since Monday of this week. While these threat vectors has been in use since early 2024, the massive rise in attacks this week is real. At this point, consider all Docusign emails to be hostile and must be carefully reviewed…
-
New Mac Vulnerability – Banshee MacOS Stealer
Our security operations center was notified of a new and novel bug that can affect all Macs. Titled “Banshee MacOS Stealer”, this first came on the scene in mid-2024 as a “malware as a service” exploit.
-
Log4j Critical Vulnerability
The critical vulnerability CVE-2021-44228 against log4j was released with zero-day exploitation actively occurring. If a device/application uses Java and logs any string relying on user input, it is vulnerable, and an attacker can run anything they wish on the system.