Browsing Category
Threat Advisories
97 posts
Briefings on the latest cybersecurity threats, vulnerabilities, and critical action items for security practitioners.
Weekly Top Ten Cybersecurity Stories – 1.20.2023
Poisoned Google search results create convincing phishing websites, 4000+ Sophos firewalls remain unpatched and vulnerable, CISA adds CentOS web panel to known exploited catalog
Weekly Top Ten Cybersecurity Stories – 1.13.2023
CISA adds Exchange privilege escalation bug to "known exploited" catalog, Fake AnyDesk websites deploying info stealer, multiple Cisco router models hit by no-workaround vulnerability, and 7 more...
Weekly Top Ten Cybersecurity Stories – 1.6.2023
Meddler-in-the-Middle phishing attacks bypass MFA, IcedID banking trojan Zoom phishing, Linux malware backdoor in Wordpress, and 7 more...
Weekly Top Ten Cybersecurity Stories – 12.16.2022
New SQL Injection attack capable of bypassing WAF, SPNEGO vulnerability reclassified "Critical", NSA urges patching of Citrix ADC and Gateway products, and seven more...
Critical Citrix ADC and Gateway Zero-Day Actively Exploited
Citrix has announced the release of an update to Citrix ADC and Gateway Appliance which patches CVE-2022-27518, a…
Weekly Top Ten Cybersecurity Stories – 12.9.2022
Supply chain manufacturer servers at risk, CISA calls to patch Chrome, ZeroBot exploiting hardware vulnerabilities, and more...
Weekly Top Ten Cybersecurity Stories – 12.2.2022
Fortinet bug actively exploited, GoTo discloses breach of development and cloud storage, LastPass reports secondary breach, FIFA used as cover for cybercrime, and more...
Weekly Top Ten Cybersecurity Stories – 11.18.2022
Windows Kerberos authentication malfunctions after Patch Tuesday, AgentTesla and LockBit 3.0 most prevalent of Q3, Batloader malware evades detection, and 7 more stories...
Weekly Top Ten Cybersecurity Stories – 11.11.2022
Expansive YouTube phishing campaign deploying infostealers, latest Emotet strain delivers IcedID and Bumblebee, RomCom RAT campaign spoofing KeePass and others.
Weekly Top Ten Cybersecurity Stories – 11.4.2022
SocGholish JavaScript malware framework distributed to hundreds of news websites across U.S., unofficial patch made available for Mark-of-the-Web (MotW) attack, Emotet back on the rise...