Get Ahead of Cyber Threats
Newsletter

Weekly Threat Pulse (1/25)

If you’re wondering how this newsletter helps you, let us tell you why we’re here.

Fletch is about minimizing the human fatigue around constantly chasing the threats you read about in the news each day. Can you relate? 

Every week, we send this newsletter to give you a taste of Fletch, surfacing the top 5 threats from last week. 

If you want to know what the top threats are daily, join the waitlist to get started.

So what were the top threats last week?

1. Log4j Exploit Hits Again: Vulnerable VMware Horizon Servers at Risk

Criticality Level: CRITICAL

  • TL;DR: Fear of the Log4j security flaw has returned as threat actors have started to exploit vulnerable VMware Horizon servers.
  • CVEs: CVE-2021-44228, CVE-2021-45046
  • Malware: Cobalt Strike

2. SolarWinds Patches Serv-U Vulnerability Propagating Log4j Attacks

Criticality Level: CRITICAL

  • TL;DR: SolarWinds released patches for a Serv-U vulnerability that Microsoft says has been abused to propagate Log4j attacks.
  • CVEs: CVE-2021-35247

3. MoonBounce: the dark side of UEFI firmware

Criticality Level: CRITICAL

  • TL;DR: At the end of 2021, Kaspersky inspected UEFI firmware that had been tampered with to embed malicious code dubbed MoonBounce. In this report, Kaspersky describes how the MoonBounce implant works and how it is connected to APT41.
  • Malware: MoonBounce, ScrambleCross, CROSSWALK

4. Zoho Patches Critical Vulnerability in Endpoint Management Solutions

Criticality Level: CRITICAL

  • TL;DR: Zoho Corp said on January 17th that it has released patches for a critical vulnerability affecting Desktop Central and Desktop Central MSP, the endpoint management solutions from ManageEngine.
  • CVEs: CVE-2021-44757

5. Phishing impersonates shipping giant Maersk to push STRRAT malware

Criticality Level: HIGH

  • TL;DR: A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victims' devices.
  • Malware: STRRAT