Tag: zero-day

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Chrome zero-day vulnerability

Cybersecurity Threat Advisory: Chrome zero-day vulnerability

A critical zero-day vulnerability in Chrome has been identified, allowing unauthorized access and potential remote code execution on affected systems. Continue reading this Cybersecurity Threat Advisory for more information and to safeguard your systems now. What is the threat? The...

/ September 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

The hacker group Lazarus recently exploited a patched, zero-day flaw in Microsoft Windows. The vulnerability, tracked as CVE-2024-38193 with a CVSS score of 7.8, is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability for Winsock. Continue reading this Cybersecurity Threat...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Check Point zero-day vulnerability

Cybersecurity Threat Advisory: Check Point zero-day vulnerability

Check Point has issued a warning regarding a critical zero-day vulnerability known as CVE-2024-24919. The vulnerability has a CVSS score of 7.5 and is being actively exploited by threat actors in the wild. This can potentially allow attackers to read...

/ June 3, 2024
patchwork
Tech Time Warp: The history of Patch Tuesday

Tech Time Warp: The history of Patch Tuesday

Mondays are manic, Wednesday is Hump Day, Thursdays are thirsty, and TGIF. What about poor Tuesday? Well, for the past 20 years, Tuesday has been the responsible workday, thanks to Microsoft. In this edition of Tech Time Warp, we see...

/ February 23, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Microsoft announced that a recently disclosed security flaw had been exploited just one day after it released fixes for the vulnerability. CVE-2024-21410, an Exchange Server vulnerability, with a CVSS score of 9.8, allows threat actors to escalate privileges of the...

/ February 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities

Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities

Two vulnerabilities have been identified in Ivanti Connect Secure and Ivanti Policy Secure Gateways, CVE-2023-46805 and CVE-2024-21887 respectively, which when exploited together allow for unauthenticated remote code execution. These CVEs affect all supported versions of the products. Continue reading this...

/ January 16, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: HTTP/2 vulnerability

Cybersecurity Threat Advisory: HTTP/2 vulnerability

Amazon Web Services (AWS), Cloudflare, and Google announced measures to mitigate unprecedented distributed denial-of-service (DDoS) attacks that utilize an innovative HTTP/2 Rapid Reset technique. In this Cybersecurity Threat Advisory, learn the details of this threat, what the risks are, and...

/ October 19, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability

Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability

This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...

/ October 18, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Word vulnerability

Cybersecurity Threat Advisory: New Microsoft Word vulnerability

A new Microsoft Word vulnerability, CVE-2023-36761, was disclosed by Microsoft. This new vulnerability is rated 5.3 by NIST, a medium-level vulnerability but Microsoft has rated this as “Important”. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail and follow...

/ September 28, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Android zero-day exploit found

Cybersecurity Threat Advisory: New Android zero-day exploit found

This Cybersecurity Threat Advisory involves a critical zero-day vulnerability affecting Android devices, tracked as CVE-2023-35674, posing a significant threat to Android users. This vulnerability allows malicious actors to execute arbitrary code remotely, potentially compromising sensitive user data and device functionality....

/ September 12, 2023