Academics Sites > Center for Applied Cyber Education > Cyber Threat Advisory

Cyber Threat Advisory

Cyber Threat Updates

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, is notabl …

Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets
Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan calle …

Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages
Microsoft has shed light on a previously undocumented cluster of malicious activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed …

AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale
Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal knowledge bases for instant answers. Each new agent …

Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud. The activity, first …

MS-ISAC Updates

How Threat Modeling, Actor Attribution Grow Cyber Defenses
Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.

CIS Benchmarks May 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.

Top 10 Malware Q1 2025
In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.

Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI
DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.

CIS Benchmarks April 2025 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.

Subscribe to receive our monthly “Be Cyber Aware” report focused on regional cyber topics related to the Coastal Cyber District which includes Bryan, Bulloch, Camden, Chatham, Effingham, Glynn, Jenkins, Liberty, Long, McIntosh and Screven counties:

Last updated: 1/21/2023

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code […]
Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of […]
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could […]
Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could […]
Critical Patches Issued for Microsoft Products, May 13, 2025
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could […]
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which […]
Multiple Vulnerabilities in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in SonicWall Secure Mobile Access (SMA) 100 Management Interface, […]
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could […]
A Vulnerability in SAP NetWeaver Visual Composer Could Allow for Remote Code Execution
A vulnerability has been discovered in SAP NetWeaver Visual Composer, which could allow for […]
A Vulnerability in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution
A vulnerability has been discovered in SonicWall Secure Mobile Access (SMA) 100 Management Interface, […]

Cyber Threat Advisory

Cyber Advisory