AA22-257A: Cybersecurity Agencies Issue Joint Advisory on Iranian Islamic Revolutionary Guard Corps-Affiliated Attacks
September 15, 2022Several global cybersecurity agencies publish a joint advisory detailing efforts by Iranian-government sponsored threat actors exploiting vulnerabilities to enable ransomware attacks.
CVE-2022-40139: Vulnerability in Trend Micro Apex One Exploited in the Wild
September 14, 2022Trend Micro has patched six vulnerabilities in its Apex One on-prem and software-as-a-service products, one of which has been exploited in the wild.
Microsoft’s September 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-37969)
September 13, 2022Microsoft addresses 62 CVEs in its September 2022 Patch Tuesday release, including five critical flaws.
Ransomware Preparedness: Why Organizations Should Plan for Ransomware Attacks Like Disasters
August 16, 2022As ransomware has cemented itself as one of the biggest cybersecurity threats to companies around the globe, it has become increasingly important that organizations treat ransomware attacks like they would a natural disaster and establish a robust preparedness plan.
Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)
August 9, 2022Microsoft addresses 118 CVEs in its August 2022 Patch Tuesday release, including 17 critical flaws.
CVE-2022-31656: VMware Patches Several Vulnerabilities in Multiple Products (VMSA-2022-0021)
August 2, 2022VMware has patched another set of serious vulnerabilities across multiple products including VMware Workspace ONE Access. Organizations should patch urgently given past activity targeting vulnerabilities in VMware products.
The Ransomware Ecosystem: In Pursuit of Fame and Fortune
July 28, 2022The key players within the ransomware ecosystem, including affiliates and initial access brokers, work together cohesively like a band of musicians, playing their respective parts as they strive for fame and fortune.
Oracle July 2022 Critical Patch Update Addresses 188 CVEs
July 20, 2022Oracle addresses 188 CVEs in its third quarterly update of 2022 with 349 patches, including 66 critical updates.
Microsoft’s July 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-22047)
July 12, 2022Microsoft addresses 84 CVEs in its July 2022 Patch Tuesday release, including four critical flaws and one zero day that has been exploited in the wild.
CVE-2022-28219: Proof-of-Concept Published for Unauthenticated RCE in Zoho ManageEngine ADAudit Plus
June 30, 2022New information and technical details, including a proof-of-concept have been published for a remote code execution flaw in Zoho ManageEngine ADAudit Plus that was patched last month.
OT:ICEFALL Research from Forescout Explores Insecure-by-Design State of Operational Technology
June 23, 2022The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities.
Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal Enterprise
June 22, 2022Ransomware is a constantly evolving cyberthreat, and it is through its evolution that ransomware has managed to not only survive, but thrive.