Are you sure you want to leave? You’re just one step away from your free network consultation (valued at $495).
Blog
Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation
Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8.
Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation
Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8.
Cloud Storage From Microsoft, Google Used in Malware Attacks
Symantec's Threat Hunter Team has observed various espionage operations utilizing cloud services, like the backdoors GoGra and Grager targeting organizations in South Asia, South East Asia, Taiwan, Hong Kong, and Vietnam.
FBI and CISA Uncover Updated TTPs and Activity of the BlackSuit Ransomware Group
The BlackSuit ransomware group gains access through phishing campaigns, RDP, and vulnerability exploits, using tools like Chisel and Mimikatz for communication and credential theft.
Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework
The last few years have seen more than a few new categories of security solutions arise in hopes of stemming a never-ending tidal wave of risks. One of these categories is Automated Security Validation (ASV), which provides the attacker’s perspective of exposures and...
Ronin Network Hacked, $12 Million Returned by “White Hat” Hackers
Ronin Network was hacked, resulting in the withdrawal of $12 million by "white hat" hackers who returned the stolen funds. The hackers exploited an undocumented vulnerability on the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC.
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information. "The attackers chose...
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions. The vulnerabilities are...
SEC Ends Probe Into MOVEit Attacks Impacting 95 Million People
The SEC has closed its investigation into Progress Software's handling of a zero-day flaw in MOVEit Transfer. Progress Software announced in a recent SEC filing that no enforcement action will be recommended by the Division of Enforcement.
Roundcube Flaws Allow Easy Email Account Compromise (CVE-2024-42009, CVE-2024-42008)
Roundcube's vulnerabilities (CVE-2024-42009, CVE-2024-42008) allow attackers to compromise email accounts easily. The two cross-site scripting flaws could lead to the theft of emails, contacts, and passwords, and the sending of unauthorized emails.
FREE GUIDE
The Ultimate Guide To IT Support Services And Fees
What You Should Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Excessive Contracts)
