Tag: vulnerabilities
Cybersecurity Threat Advisory: Critical vulnerabilities in VMware
VMware has released updates addressing four security flaws in ESXi, Workstation, and Fusion. Two out of the four flaws, CVE-2024-22252 and CVE-2024-22253, were identified as critical with CVSS scores of 9.3 for Workstation/Fusion and 8.4 for ESXi. This Cybersecurity Threat...
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners
The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...
The role of MSPs in food supply chain cybersecurity
Food and cybersecurity seem like very different topics. When we think of our favorite potato chips or steaks to sizzle on the grill, ransomware isn’t the first thing that comes to mind. However, the food supply chain is under increasing...
Cybersecurity Threat Advisory: Patches for critical vulnerabilities
Security patches were recently released from various vendors including Cisco, Fortinet, and VMware. Read this Cybersecurity Threat Advisory as it shares the impact of each of the vulnerabilities and how to mitigate the risks they pose. What is the threat?...
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities
Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...
Cybersecurity Threat Advisory: New Cisco vulnerabilities discovered
Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities. The most critical vulnerability allows unauthorized remote access to the server. Multiple vulnerabilities were discovered in SD-WAN Manager that allows an attacker to access the compromised instance or cause...
From Basics to Breakthroughs: Evolution of IT security in the 1980s
As part of our 5-part series on the evolution of cybersecurity, check out our first article below that covers how War Games and Worms led to the creation of the first cybersecurity efforts in the 1980s. While cybersecurity is a multibillion-dollar...
Cybersecurity Threat Advisory: Apple releases patches for zero-day vulnerabilities
Apple has released more security patches after three zero-day vulnerabilities were discovered in iOS, iPadOS, MacOS, WatchOS, and Safari. These vulnerabilities are actively being exploited in the wild against several frameworks and systems of Apple products, making sixteen total zero-days...
Cybersecurity Threat Advisory: Vulnerabilities found in Juniper firewalls
Today’s Cybersecurity Threat Advisory involves proof-of-concept exploit code that has been publicly released in Juniper SRX firewalls. Using the proof-of-concept exploit code can allow unauthenticated attackers access to remotely execute code in unpatched Juniper JunOS devices. This news comes after...
MSSPs need to stage cybersecurity interventions
A pair of reports conducted separately by Google and Cado Security make it clear that when it comes to cloud security, the biggest issues are mundane lapses that cybercriminals have learned to exploit easily. The Google report, for example, finds...