Our news
-
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and…
-
Top CVEs Trending with Cybercriminals
An analysis of criminal forums reveal what publicly known vulnerabilities attackers are most interested in.
-
The Evolving Role of the CISO
Curtis Simpson, CISO at Armis, discusses the stop qualities that all CISOs need to possess to excel.
-
Critical Juniper Bug Allows DoS, RCE Against Carrier Networks
Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited.
-
Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware
Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world.
-
Microsoft: New Unpatched Bug in Windows Print Spooler
Another vulnerability separate from PrintNightmare allows for local elevation of privilege and system takeover.
-
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases
The popular e-commerce platform for WordPress has started deploying emergency patches.
-
Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products
Original release date: July 15, 2021 CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Threat actors can exploit this vulnerability to initiate a targeted ransomware attack. CISA encourages users…
-
Juniper Networks Releases Security Updates for Multiple Products
Original release date: July 15, 2021 Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates. This product is provided subject…
-
SonicWall Warns Firewall Hardware Bugs Under Attack
SonicWall issued an urgent security alert warning customers that some of its current and legacy firewall appliances were under active attack.