Browsing Category

Threat Advisories

39 posts

Briefings on the latest cybersecurity threats, vulnerabilities, and critical action items for security practitioners.

Critical RCE Vulnerability in Palo Alto Global Protect Firewall Affects Estimated 10,000 VPNs

Randori, a red team cybersecurity company, officially disclosed a zero-day memory corruption vulnerability within the Palo Alto Global…

November 11, 2021

High-Priority, Actively-Exploited Vulnerabilities Patched in Exchange and Excel

Microsoft’s Patch Tuesday for November 2021 fixed 55 bugs across several products, six of which are rated critical.…

November 11, 2021

Cisco Patches Vulnerabilities Across Multiple Product Lines

Oct 27, 2021 22:30 GMT Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) are the most…

October 27, 2021

Microsoft warns of continued supply chain attacks leveraging service providers and product resellers

Recent nation state attacks are proving that compromising a company through vendor relationships is the new normal. Background…

October 26, 2021

Oracle releases October Critical Patch Update for all product lines

Urgent action is required to apply the critical patch updates, as Oracle products are everywhere and threat actors…

October 20, 2021

October Patch Tuesday Updates More Than 40 Microsoft Products and Technologies

Microsoft has patched a host of vulnerabilities, including three rated “critical” and one actively being exploited by nation…

October 13, 2021

Apple Releases Updates to Actively Exploited iOS and iPadOS Vulnerability

The vulnerability allows for arbitrary code execution at kernel level permissions and appears to be actively leveraged by…

October 13, 2021

Apache Patches Actively Exploited Directory Traversal Flaw In Popular HTTP Server

The popular Apache HTTP Server has received an update to patch a directory traversal vulnerability on versions 2.4.49 and 2.4.50,…

October 8, 2021

GitLab Security Updates Patch Dozens of Newly Disclosed Vulnerabilities

Multiple high-rated Cross-Site Scripting (XSS) vulnerabilities that allow for arbitrary JavaScript Execution are among the many vulnerabilities patched…

October 6, 2021

Hikvision Cameras RCE Vulnerability Requires a Firmware Update

On September 19, 2021, Hikvision released a security advisory (CVE-2021-36260) regarding an unauthenticated remote code execution vulnerability reported…

October 4, 2021

Hand-Picked Top-Read Stories

The Five Biggest Cybersecurity Challenges in 2021

The Dangerously Opaque World of the Shopify App Store

A Threat Hunting Primer

Trending Tags

Threat Advisories

Critical RCE Vulnerability in Palo Alto Global Protect Firewall Affects Estimated 10,000 VPNs

High-Priority, Actively-Exploited Vulnerabilities Patched in Exchange and Excel

Cisco Patches Vulnerabilities Across Multiple Product Lines

Microsoft warns of continued supply chain attacks leveraging service providers and product resellers

Oracle releases October Critical Patch Update for all product lines

October Patch Tuesday Updates More Than 40 Microsoft Products and Technologies

Apple Releases Updates to Actively Exploited iOS and iPadOS Vulnerability

Apache Patches Actively Exploited Directory Traversal Flaw In Popular HTTP Server

GitLab Security Updates Patch Dozens of Newly Disclosed Vulnerabilities

Hikvision Cameras RCE Vulnerability Requires a Firmware Update

Threat Advisories

PoC Released For New VMware vCenter Vulnerability

Netgear Warns Certain Routers Impacted by Remote Code Execution Vulnerability

Microsoft’s September 2021 Patch Tuesday closes OMIGOD vulnerability which allows RCE on Azure Linux VMs

FORCEDENTRY zero-click exploit used on Apple iOS, MacOS, and WatchOS devices

Attackers Exploit Microsoft Windows Remote Code Execution Vulnerability In The Wild

Education

MITRE ATT&CK 101

Security Assessments 101

Phishing Monitoring

Endpoint Protection (EPP) & Endpoint Detection & Response (EDR) Efficacy Analysis

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit