Tag: Vulnerability Alert
-
Microsoft Teams Phishing Attacks
TorchLight Security Operations Center continues to hear about Microsoft Teams as the vector to social engineering, phishing and spearphishing attempts by hackers. Given the volume of noise, we thought we’d publish what we know and how to defend against these attacks.
-
Log4j Critical Vulnerability
The critical vulnerability CVE-2021-44228 against log4j was released with zero-day exploitation actively occurring. If a device/application uses Java and logs any string relying on user input, it is vulnerable, and an attacker can run anything they wish on the system.