Cybersecurity Threat Advisory: Microsoft MFA AuthQuake flaw
A new critical security flaw in Microsoft’s multi-factor authentication (MFA) system has been discovered. It enables attackers to easily bypass the protection and gain unauthorized access to user accounts. Review this Cybersecurity Threat Advisory to learn how to mitigate your...
Cybersecurity Threat Advisory: Active exploitation of ASA vulnerability
Cisco has confirmed that a decade-old cross-site scripting (XSS) vulnerability in its Adaptive Security Appliance (ASA) software is actively being exploited in the wild. Review this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat?...
Cybersecurity Threat Advisory: WordPress plugin critical vulnerabilities
Two critical security flaws have been identified in a WordPress plugin—Anti-Spam by CleanTalk. This plugin is installed on more than 200,000 websites. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks from these vulnerabilities. What is...
Cybersecurity Threat Advisory: Phishing campaign spreading Remcos RAT malware
A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read this Cybersecurity Threat Advisory to learn how this could impact your organization. What is the threat? This campaign delivers malware through a phishing email...
Cybersecurity Threat Advisory: Vulnerabilities found in Microsoft Azure AI
Significant vulnerabilities in Microsoft’s Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security...
Cybersecurity Threat Advisory: Critical security flaw in Styra’s OPA
A recent security vulnerability was found in Styra’s Open Policy Agent (OPA) that can lead to New Technology LAN Manager (NTLM) hashes exposure if exploited. Continue reading this Cybersecurity Threat Advisory to learn the implications of this flaw and the...
Cybersecurity Threat Advisory: Critical Fortinet RCE vulnerability exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a remote code execution (RCE) vulnerability being actively exploited in Fortinet products. If you are using Fortinet, please read this Cybersecurity Threat Advisory to learn how to...
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...
Cybersecurity Threat Advisory: Critical SAP vulnerabilities
SAP issued its August 2024 security patch update which included two critical flaws that enable attackers to bypass authentication and fully compromise affected systems. Review the details in this Cybersecurity Threat Advisory to learn how you can protect your SAP...
Cybersecurity Threat Advisory: Critical zero-day vulnerability in Apache OFBiz
CVE-2024-38856 is a new Apache OFBiz ERP system critical zero-day vulnerability. If you are using this system, please continue reading this Cybersecurity Threat Advisory to learn which steps you should take to mitigate your risk. What is the threat? Researchers...
