Category: Security
Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability
There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage. Review this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: New attack tactic from DarkGate MaaS operation
The DarkGate Malware-as-a-Service (MaaS) operation are now using AutoHotkey to deliver the last stages of cyber attacks. Read this Cybersecurity Threat Advisory to learn more about this advanced tactic and how to mitigate your risks. What is the threat? DarkGate,...
5 Ways cybercriminals are using AI: Access and credential theft
Threat actors have embraced artificial intelligence (AI) for phishing, deepfakes, malware generation, content localization, and more. This week we’re looking at how they’re using it for credential theft to gain access to high-value networks. Stolen credentials are a goldmine for cybercriminals, especially if the...
Cybersecurity Threat Advisory: Check Point zero-day vulnerability
Check Point has issued a warning regarding a critical zero-day vulnerability known as CVE-2024-24919. The vulnerability has a CVSS score of 7.5 and is being actively exploited by threat actors in the wild. This can potentially allow attackers to read...
Cybersecurity Threat Advisory: Critical vulnerability discovered in FortiSIEM
A new critical command injection vulnerability, CVE-2024-23108, found in Fortinet’s FortiSIEM solution. This vulnerability poses significant risks to organizations using the solution. Review this Cybersecurity Threat Advisory to learn more now. What is the threat? CVE-2024-23108 impacts FortiSIEM versions 6.4.0...
Cybersecurity Threat Advisory: Foxit PDF Reader vulnerability
A critical Foxit PDF Reader vulnerability are generating unusual pattern of behaviors. This exploit triggers security warnings designed to deceive users to execute harmful commands. Read this Cybersecurity Threat Advisory to learn recommendations to minimize your risks. What is the...
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability
This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metric solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DOS), information leakage, and code execution (RCE)....
Why cybersecurity insurance is essential for MSPs today
The daily stories about breaches, hacks, and ransomware have continued unabated in 2024. But how much of the damage wrought by cybercriminals is protected by cybersecurity insurance? Network Assured has compiled some startling statistics, including: The global cybersecurity market was...
Cybersecurity Threat Advisory: Black Basta ransomware surge
The Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories in response to the widespread of Black Basta ransomware attacks. Review the recommendations detailed in this Cybersecurity Threat Advisory to defend against ransomware attacks and extortion. What is the threat?...
Cybersecurity Threat Advisory: Critical flaws discovered in Cacti framework
This Cybersecurity Threat Advisory breaks down multiple critical vulnerabilities in the Cacti framework, an open-source network monitoring and fault management tool. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code and compromise network infrastructure. Continue reading this...
