Our news
-
Microsoft Releases June 2024 Security Updates
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates: Microsoft Security Update Guide for June
-
What are the Steps to Take During a Cyber Breach?
Detailed Steps after a Breach In today’s digital world, cyber breaches are an unfortunate reality that can affect organizations of all sizes. Knowing how to respond effectively can make the difference between a minor incident and a major catastrophe. Here are the best practices to follow during a cyber breach to mitigate damage and restore…
-
Cybersecurity and Cryptocurrency: Safeguarding Digital Assets in 2024
The emergence of cryptocurrency — decentralized, digital alternatives to fiat money ― is changing the ways in which we perform financial transactions. Yet through the proliferation of cryptocurrencies, come greater than ever security concerns. With the invention of cryptocurrencies, cyber-related incidents such as hacking, and fraud have also become commonplace. To anticipate these security issues,…
-
Vulnerability Summary for the Week of June 3, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 8theme–XStore Core Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8. 2024-06-04 8.5 CVE-2024-33557audit@patchstack.com 8theme–XStore Improper Limitation of a Pathname to a…
-
Who is DefendEdge’s Co-Founder?
About Lewis Borsellino: Lewis is renowned for his incredibly successful trading career and has over 20 years of expertise in the international finance and risk management market. Borsellino prevailed in some of the largest and most dynamic markets, including Eurodollars and S&P futures. As a member of the Chicago Mercantile Exchange, he was referred to…
-
Shadow AI vs. Shadow IT
Within the corridors of modern enterprises, a lesser-known dichotomy lurks in the shadows: the juxtaposition of Shadow Artificial Intelligence (AI) and Shadow Information Technology (IT). These clandestine counterparts represent both the promise and peril of technological autonomy, each possessing the potential to revolutionize workflows or disrupt established protocols. Follow along as we illuminate the path…
-
Vulnerability Summary for the Week of May 27, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASKEY–5G NR Small Cell ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server. 2024-05-27 7.2 CVE-2024-5403twcert@cert.org.tw Astrotalks–Astrotalks SQL injection vulnerability in…
-
Vulnerability Summary for the Week of May 20, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASUS–ExpertWiFi ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS…
-
Unraveling Living off the Land Cyber Attacks
The idea of a cyber attack conjures up many ideas in peoples’ minds. It is easy to imagine the attacks that make headlines: companies paying millions of dollars to ransomware gangs, massive DDoS attacks rendering websites inaccessible, or data breaches that compromise droves of sensitive records. These attacks are loud. The attacker wants you to…
-
Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication
Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance (ASA), Firepower Management Center (FMC), and Firepower Threat Defense (FTD) software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following publication and…