Cyber Heads-up
Update: Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Overview: This is an update to the Cyber Heads-up we posted back on March 4, 2026, with detailed information about Iranian threat activity tied to ongoing U.S./Israeli operations. Analysis: At the start ...
Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Overview: Iranian‑aligned cyber actors pose an elevated near‑term risk due to their history of espionage, credential theft, disruptive attacks, and high‑visibility “hacktivist” and disinformation operations, often targeting U.S. and allied interests through ...
Updated: ACTIVE EXPLOITATION ALERT: Zero-Day Vulnerability Affecting Self-Hosted SharePoint Servers (CVE-2025-53770/53771)
Updated on 24 July 2025 to add links to external references and add guidance around applying security updates published by Microsoft. Overview: On July 18, 2025, Eye Security identified large-scale exploitation of ...
Cyber Heads Up: “BadSuccessor”—A Critical Active Directory Privilege Escalation Vulnerability in Windows Server 2025
Overview: Akamai researchers have identified a significant privilege escalation vulnerability in Windows Server 2025, termed “BadSuccessor.” This flaw exploits the newly introduced delegated Managed Service Accounts (dMSAs) feature, allowing attackers to impersonate ...
Cyber Heads Up: Tenable Plugin Update Causes Agents to Disconnect from Cloud Console (Read for Fix)
Overview: We hope you had a fantastic holiday! Unfortunately, the Grinch might have left one last surprise for us – Tenable has identified a critical issue affecting Nessus Agent versions 10.8.0 and ...
Phishing Campaign Installs Backdoor-Loaded VM to Evade Antivirus and Harvest Credentials
Overview: Assura, Inc. has been made aware of this attack pattern, has taken steps to detect it in our managed services, and is following the attack in the blogs of security researchers ...
CISA Urgent Advisory: Exploitation of Unitronics programmable logic controllers (PLCs)
Overview: The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory concerning the exploitation of Unitronics programmable logic controllers (PLCs) within the Water and Wastewater Systems (WWS) Sector. These critical ...
MOVEit Transfer Software: Critical Zero-day Being Actively Exploited
Overview: Assura’s Security Operations Center is seeing active exploitation of a SQL Injection flaw in Progress Software’s MOVEit Transfer product first announced on May 31, 2023. The vulnerability is CVE-2023-34362. Technical Analysis ...
Critical Vulnerability in Zyxel Network Appliances Exploited, PoC Scripts Circulating
Overview: A few days after Rapid7 posted their technical analysis of CVE-2023-28771, which included a proof-of-concept exploit, Assura’s Offensive Security Operations team noticed a lot of chatter on social media and hacking ...
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
Overview: Assura’s Offensive Security Operations Team has been looking into MDSec’s Dominic Chell’s research into the recent Microsoft Office Outlook updates where Dominic found that there is a privilege escalation vulnerability within ...

