Our news
-
Vulnerability Summary for the Week of May 27, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASKEY–5G NR Small Cell ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server. 2024-05-27 7.2 CVE-2024-5403twcert@cert.org.tw Astrotalks–Astrotalks SQL injection vulnerability in…
-
Vulnerability Summary for the Week of May 20, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info ASUS–ExpertWiFi ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS…
-
Unraveling Living off the Land Cyber Attacks
The idea of a cyber attack conjures up many ideas in peoples’ minds. It is easy to imagine the attacks that make headlines: companies paying millions of dollars to ransomware gangs, massive DDoS attacks rendering websites inaccessible, or data breaches that compromise droves of sensitive records. These attacks are loud. The attacker wants you to…
-
Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication
Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance (ASA), Firepower Management Center (FMC), and Firepower Threat Defense (FTD) software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following publication and…
-
Free Cyber Threat Assessment
What’s Included in Your Free Cyber Assessment? Why Choose DefendEdge? How It Works Get Your Free Assessment Today Don’t wait until it’s too late. Take proactive steps to protect your business by understanding your cybersecurity vulnerabilities. Your Trusted Advisors Request Your Free Cyber Threat and Vulnerability Assessment What Our Clients Say “DefendEdge’s free assessment opened…
-
Protect Your Business
— Cutting-Edge Solutions Stay Ahead of Cyber Threats with DefendEdge Protect Your Business with DefendEdge Managed Security and Cyber Threat Intelligence Services In today’s digital landscape, protecting your business from cyber threats is more critical than ever. DefendEdge provides comprehensive managed security services and advanced cyber threat intelligence to safeguard your business and ensure you…
-
Vulnerability Summary for the Week of May 13, 2024
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 8theme–XStore Core Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8. 2024-05-17 9.8 CVE-2024-33552audit@patchstack.com 8theme–XStore Core Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core:…
-
Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets
Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity. Users and administrators are encouraged review the following Rockwell Automation notice for more information: SD1672: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from…
-
The Dark Web: Exploring Hidden Dangers and Cybercrime Networks
In the vast expanse of the internet lies a hidden realm known as the dark web. As opposed to the surface web, which the average person uses daily, it operates on a deeper level of concealment — nurturing a convolution of illegal doings alongside networks focused on cybercrime. Often depicted as being mysterious and dangerous,…
-
Royal Tiger – The First Officially Designated Robocall Threat Actor
On Monday, May 13th, the Federal Communications Commission (FCC) officially named its first robocall threat actor group,’ Royal Tiger’. This move goes along with the FCC’s new robocall bad actor classification system, Consumer Communications Information Services Threat (C-CIST). This system aims to assist law enforcement and industry partners with tracking threat actors behind robocall campaigns. Royal Tiger is comprised of members operating…