Monthly Threat Advisory - October 2022
11/02/2022
OCTOBER RECAP
• Two zero-day remote code execution vulnerabilities of Microsoft Exchange servers
• Updates to known remote code execution vulnerabilities of Microsoft Exchange servers
• A state-sponsored group uses weaponised legitimate open-source software to launch targeted phishing attacks
• Fortinet Firewalls vulnerable to remote authentication bypass vulnerability
• Updates on Fortinet Vulnerability, CVE-2022-40684
• Alchimist Attack Framework
• Updates for Apple products
• Deprecation of Basic Authentication in Exchange Online
• Zimbra Critical Vulnerability Patch