Browsing Tag
vulnerability
60 posts
Weekly Top 10 – 9.25.2023- CLOP Gang Stolen Data, New AMBERSQUID Cryptojacking Operation, Payment Card Skimming Campaign
Chrome extensions capable of stealing plaintext passwords, Meta vs 'Spamoflauge' operation, new MITRE Caldera, and 7 more cybersecurity stories...
Meta’s Q1 2023 Adversarial Threat Report: What You Should Know
This May, Meta released its first quarter Adversarial Threat Report sharing insights into malware threats, coordinated inauthentic behavior known as CIB, cyber espionage, and more. Here we are reviewing the findings.
Anatomy of a Data Breach
A data breach is a common occurrence in the wake of a successful cyberattack. Let's discuss how they happen and how to prevent them.
Baselining Endpoint Risk
Baselining endpoints tells security professionals what risks exist and lets them develop a plan that improves and matures your security. Here we take a look at the common issues they find.
Mitigating The Unpatched Office and Windows HTML RCE (CVE-2023-36884)
July 2023's Patch Tuesday released fixes for several vulnerabilities being actively exploited in the wild, but only identified mitigation for one particular unpatched zero-day that can allow HTML remote code execution as part of an initial attack.
Breaking the Vulnerability & Patch Divide
Scott Savenelli explains why his approach to vulnerability and patch management has undergone a dramatic shift to respond to a growing and incessant volume of threats.
Increased Scanning Activity for Recent Exchange SSRF Vulnerabilities
OCTOBER 24, 2022 21:18 GMT Attempts to exploit the chained attack utilizing CVE-2022-41040 and CVE-2022-41082 are being observed…
Microsoft Warns of Two Actively-Exploited Exchange Zero-Days
SEPTEMBER 30, 2022 19:35 GMT This alert from Pillr is intended to brief users and administrators on newly…
CISA Warns of Exploited DDoS Vulnerability Impacting Palo Alto Firewalls
A new vulnerability in Palo Alto's PAN-OS affects firewalls, opening them up to potential amplified and reflected DDoS attacks.
CISA Suggests Patching Severe Vulnerability in OpenSSL
OpenSSL version 3.0.4 is susceptible to a vulnerability that allows for buffer overflow and remote code execution. CISA…