Category: Security
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...
Cybersecurity Awareness Month: Tips to follow year-round
While Cybersecurity Awareness Month serves as a reminder for everyone to follow cybersecurity best practices, strong awareness should continue year-round. This month, the Cybersecurity and Infrastructure Security Alliance released their “Secure Our World” awareness campaign that aims to broadly promote cybersecurity...
New FAR-reaching rules for MSPs
Managed service providers (MSPs) must navigate a complex patchwork of international, national, and local cybersecurity laws and regulations, and soon, there will be even more rules to follow. On October 3, 2023, the Federal Acquisition Regulation (FAR) Council released two...
Cybersecurity Threat Advisory: Increased cyberattacks unveiled
This Cybersecurity Threat Advisory looks at a threat actor who is targeting various private sector entities in Israel. Read the recommendations below to implement a layered security approach to protect against these cyberattacks. What is the threat? Microsoft has unveiled...
Cybersecurity Threat Advisory: NetScaler vulnerability exploited
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability beginning in late August 2023. This vulnerability is identified to be exploited remotely and with no...
Email-borne attacks hit energy and utilities harder than most other sectors
The energy and utilities industry is part of the world’s critical infrastructure. Without reliable access to electricity, natural gas, renewables, water supplies, and more, many things we rely on will grind to a halt with potentially devasting consequences for companies,...
Guarding the Gates: The rise of network protection in the 1990s
As part of our 5-part series on the evolution of cybersecurity, check out our second article below that covers how the security industry laid the groundwork for a more holistic approach to cybersecurity. We are continuing our series that explores...
Cybersecurity Threat Advisory: HTTP/2 vulnerability
Amazon Web Services (AWS), Cloudflare, and Google announced measures to mitigate unprecedented distributed denial-of-service (DDoS) attacks that utilize an innovative HTTP/2 Rapid Reset technique. In this Cybersecurity Threat Advisory, learn the details of this threat, what the risks are, and...
The acute phenomenon of the cybersecurity skills shortage
Despite ongoing efforts to train recruits, it doesn’t appear that the cybersecurity skills shortage is going to abate any time soon. A survey of 301 IT and cybersecurity professionals conducted by Enterprise Strategy Group, an arm of TechTarget, on behalf...
Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability
This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...
