Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability

Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability

Fortinet has released security updates for an unauthorized code execution vulnerability impacting their FortiClientEMS (Endpoint Management Server) product. The vulnerability, CVE-2023-48788, is related to a flaw that allows unauthenticated malicious actors to execute code or commands onto the server via...

/ March 18, 2024
The value of contextual data in cybersecurity

The value of contextual data in cybersecurity

Contextual data has been a term circling the cybersecurity space for a while now. What exactly is contextual data, and how can managed service providers (MSPs) leverage it to make robust protection programs for clients? Contextualized data in cybersecurity refers...

/ March 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet vulnerability

Cybersecurity Threat Advisory: Critical Fortinet vulnerability

A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...

/ March 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability

Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability

A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...

/ March 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerabilities in QNAP devices

Cybersecurity Threat Advisory: Critical vulnerabilities in QNAP devices

Critical authentication bypass vulnerabilities have been identified in QNAP network attached storage (NAS) devices. These flaws pose significant risks, allowing unauthorized access to affected devices. Review the recommendations in this Cybersecurity Threat Advisory to ensure your systems are secure. What...

/ March 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: USB attacks

Cybersecurity Threat Advisory: USB attacks

There have been increasing reports of threat actors leveraging a classic malware delivery method in recent months: USB attacks. Continue reading this Cybersecurity Threat Advisory to learn how you can prevent these attacks and reduce risks for your customers. What...

/ March 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco patches high-severity bug

Cybersecurity Threat Advisory: Cisco patches high-severity bug

Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...

/ March 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities

Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities

This Cybersecurity Threat Advisory highlights JetBrains’ TeamCity vulnerabilities found in the CI/CD Server. One vulnerability allows unauthenticated access to an instance while the other allows for unauthenticated information disclosure and modification. What is the threat? A critical-severity authentication bypass vulnerability...

/ March 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerabilities in VMware

Cybersecurity Threat Advisory: Critical vulnerabilities in VMware

VMware has released updates addressing four security flaws in ESXi, Workstation, and Fusion. Two out of the four flaws, CVE-2024-22252 and CVE-2024-22253, were identified as critical with CVSS scores of 9.3 for Workstation/Fusion and 8.4 for ESXi. This Cybersecurity Threat...

/ March 8, 2024
Threat spotlight
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners

Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners

The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...

/ March 7, 2024