Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: Critical vulnerabilities in Kemp LoadMaster
Kemp LoadMaster Load Balancer contains five high-severity vulnerabilities that can cause major disruptions to a network upon a successful exploitation. Review this Cybersecurity Threat Advisory to learn how to protect against these vulnerabilities. What is the threat? Kemp LoadMaster disclosed...

Cybersecurity Threat Advisory: Severe Cisco ISE vulnerabilities
Two critical vulnerabilities have been identified in Cisco’s Identity Services Engine (ISE). These vulnerabilities can enable attackers to execute arbitrary commands with root privileges and bypass authorization mechanisms, potentially compromising the security and integrity of network access controls. Continue reading...

Cybersecurity Threat Advisory: Critical Azure vulnerabilities
Microsoft revealed two critical vulnerabilities in Microsoft Azure AI Face Service, a cloud-based facial recognition tool. They enable attackers to bypass authentication. Review the details within this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment. What...

Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability
A critical security vulnerability was identified in Microsoft Power Platform’s SharePoint connector. The flaw allows attackers to harvest user credentials and perform unauthorized actions within the platform upon a successful exploitation. Continue reading this Cybersecurity Threat Advisory to learn how...

Cybersecurity Threat Advisory: MintsLoader campaign threat
A cyber campaign has been identified using the MintsLoader malware loader to deliver secondary payloads, such as the StealC information stealer and the legitimate open-source network computing platform, BOINC. This campaign has primarily targeted sectors such as electricity, oil and...

Cybersecurity Threat Advisory: Ransomware attacks on ESXi systems
New ransomware attacks were discovered targeting ESXi systems that use stealthy SSH tunnels to direct traffic to command-and-control (C2) infrastructure, enabling attackers to remain undetected. Continue reading this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment....

Cybersecurity Threat Advisory: Apple iOS zero-day vulnerability
Apple has released critical security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2025-24085. Continue reading this Cybersecurity Threat Advisory in full to learn what devices are affected and how you can mitigate your risk regarding this vulnerability....

Cybersecurity Threat Advisory: Fortinet authentication vulnerability
A critical Fortinet authentication bypass vulnerability, CVE-2024-55591, is actively exploited in the wild. This vulnerability impacts FortiOS and FortiProxy, with a CVSS score of 9.6. Continue reading this Cybersecurity Threat Advisory to learn the necessary steps to protect your environment....

Cybersecurity Threat Advisory: Critical vulnerabilities in VPNs and routers
Critical vulnerabilities have been discovered in multiple tunneling protocols, potentially exposing approximately 4.2 million hosts. These include a wide range of devices such as Virtual Private Networks (VPNs), Internet Service Provider (ISP) home routers, core internet routers, mobile network gateways,...

Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability
A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...