Our news

  • Vulnerability Summary for the Week of August 26, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info Adobe–Acrobat Reader  Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open…

    READ MORE

  • #StopRansomware: RansomHub Ransomware

    Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see…

    READ MORE

  • Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

    Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that, as of August 2024, a group of Iran-based cyber actors continues to exploit U.S. and foreign organizations. This includes organizations across…

    READ MORE

  • CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

    Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3)—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, targeting and exploiting U.S. and foreign…

    READ MORE

  • Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717

    Versa Networks has released an advisory for a vulnerability (CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor could exploit this vulnerability to take control of an affected system.  CISA urges organizations to apply necessary updates, hunt…

    READ MORE

  • The Connection Between Cobalt Sapling, Moses Staff, and Abraham’s Ax

    Iranian-connected advanced persistent threat (APT) Cobalt Sapling was discovered in September of 2021, but evidence of their activity suggests being active since November of 2020. This hacktivist is known for anti-Israel sentiment, data extortion and encryption attacks and propaganda material among other things. Their motives appear to be solely political, as they never demand ransom…

    READ MORE

  • Vulnerability Summary for the Week of August 19, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Liquid Web–GiveWP  Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1. 2024-08-19 10 CVE-2024-37099 audit@patchstack.com  webdevmattcrom–GiveWP Donation Plugin and Fundraising Platform  The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress…

    READ MORE

  • CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-39717 Versa Director Dangerous File Type Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…

    READ MORE

  • Best Practices for Event Logging and Threat Detection

    Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in cooperation with the following international partners:  United States (US) Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National…

    READ MORE

  • Vulnerability Summary for the Week of August 12, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 10Web Form Builder Team–Form Maker by 10Web  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Reflected XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.26.…

    READ MORE