Browsing Category
Threat Advisories
112 posts
Briefings on the latest cybersecurity threats, vulnerabilities, and critical action items for security practitioners.
Weekly Top Ten Cybersecurity Stories – 5.19.2023
Apple fixes zero-days exploited on iPhone and Mac, ASUS routers taken offline by bad update, Sidewinder group infrastructure uncovered, and 7 more cybersecurity stories...
Weekly Top Ten Cybersecurity Stories – 5.12.2023
Hunting Russian intelligence "Snake" malware, Microsoft Secure Boot zero-day fix, zero-click Windows vulnerability, and 7 more...
Weekly Top Ten Cybersecurity Stories – 5.5.2023
City of Dallas hit by Royal ransomware attack, the beginning of the end of the password, Dragon Breath DLL sideloading attacks, and 7 more stories...
Weekly Top Ten Cybersecurity Stories – 4.28.2023
Critical vulnerabilities in PaperCut print management software, Cisco XSS zero-day in server management tool, new Apache Superset vulnerability, and 7 more stories...
Weekly Top Ten Cybersecurity Stories – 4.21.2023
Fortra shares findings on GoAnywhere MFT zero-day attacks, Google Chrome hit by another zero-day attack, Docker privilege escalation vulnerability, and 7 more...
Weekly Top Ten Cybersecurity Stories – 4.14.2023
Microsoft Patch Tuesday rolls out fixes for 97 flaws, Nokoyawa ransomware attacks with Windows Zero-Day, detecting BlackLotus, and 7 more stories in cybersecurity!
Defending Against Cobalt Strike-Based Malware In Your Environment
While the comprehensive attack framework Cobalt Strike has proven invaluable to legitimate red teams and pen test efforts…
Weekly Top Ten Cybersecurity Stories – 4.7.2023
Defender's guide to the 3CX supply chain attack, Western Digital network breach, IRS eFile.com serving JS malware, and 7 more stories...
Weekly Top Ten Cybersecurity Stories – 3.17.2023
Microsoft fixes two zero-days actively exploited by state-sponsored threat actors, Adobe Coldfusion vulnerability exploited in the wild, U.S. federal agency breached using 3-year-old vulnerability, and 8 more stories...
March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors
Microsoft's Patch Tuesday for March 2023 fixes more than 80 vulnerabilities, 9 of which are rated critical severity, and 2 zero-days—an Outlook Elevation of Privilege Vulnerability (CVE-2023-23397) and a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-24880).
Administrators are encouraged to apply updates ASAP. If this is not possible, there are some mitigating actions to be taken.