Our news
-
FBI Update on Exploitation of Fortinet FortiOS Vulnerabilities
Original release date: May 28, 2021 The Federal Bureau of Investigation (FBI) has released an FBI FLASH, APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity, which describes advanced persistent threat (APT) actors exploiting known Fortinet FortiOS vulnerabilities. APT actors may exploit these vulnerabilities to gain initial access to multiple government, commercial, and…
-
Building Multilayered Security for Modern Threats
Justin Jett, director of audit and compliance for Plixer, discusses the elements of a successful advanced security posture.
-
Targeted AnyDesk Ads on Google Served Up Weaponized App
Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads.
-
Microsoft Announces New Campaign from NOBELIUM
Original release date: May 27, 2021 The Microsoft Threat Intelligence Center (MSTIC) has released information on the uncovering of a widespread malicious email campaign undertaken by the activity group that Microsoft tracks as NOBELIUM. NOBELIUM was initially identified in November 2020, during an intrusion at a major cybersecurity organization. Microsoft security researchers identify NOBELIUM as the actor…
-
Updates to Alert on Pulse Connect Secure
Original release date: May 27, 2021 CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to include new threat actor techniques, tactics, and procedures (TTPs), indicators of compromise (IOCs), and updated mitigations. CISA encourages users and administrators to review AA21-110A and the following resources for more information: • Re-Checking Your Pulse • …
-
Biden’s Cybersecurity Executive Order Puts Emphasis on the Wrong Issues
David Wolpoff, CTO at Randori, argues that the call for rapid cloud transition Is a dangerous proposition: “Mistakes will be made, creating opportunities for our adversaries.
-
Working Remotely: Preventing Disaster
Working Remotely: Preventing Disaster Following the start of the COVID-19 pandemic, working remotely has become increasingly popular in many organizations. A policy that was once meant to be only temporary, has been taking rapid steps towards permanence due to the promotion of increased productivity and an improved work-life balance. While this has many benefits for the organization and employees,…
-
A Peek Inside the Underground Ransomware Economy
Threat hunters weigh in on how the business of ransomware, the complex relationships between cybercriminals, and how they work together and hawk their wares on the Dark Web.
-
PDF Feature ‘Certified’ Widely Vulnerable to Attack
Researchers found flaws most of the ‘popular’ PDF applications tested.
-
VMware Sounds Ransomware Alarm Over Critical Severity Bug
VMware’s virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch “as soon as possible”.