Weekly Threat Landscape Digest – Week 51
In the rapidly evolving cybersecurity landscape, staying informed about recent vulnerabilities, threats, and advisories is critical. This week’s digest covers […]
Weekly Threat Landscape Digest – Week 50
This week’s cybersecurity digest highlights critical vulnerabilities, sophisticated threat campaigns, and pressing advisories impacting global organizations. With the rapid evolution […]
Weekly Threat Landscape Digest – Week 49
This week’s cybersecurity digest delves into critical vulnerabilities and emerging threat actor activities, underscoring the urgent need for proactive security […]
Weekly Threat Landscape Digest – Week 48
This week’s cybersecurity digest highlights multiple critical vulnerabilities and threat actor activities, emphasizing the importance of proactive mitigation strategies. Vulnerabilities […]
Weekly Threat Landscape Digest – Week 47
In today’s fast-evolving cybersecurity environment, organizations must stay ahead of emerging risks and vulnerabilities. From sophisticated zero-day exploits to novel […]
Weekly Threat Landscape Digest – Week 46
As cybersecurity threats and challenges continually adapt, organizations must remain vigilant against emerging threats and vulnerabilities. This week’s digest highlights […]
Microsoft November 2024 Patch Tuesday- Critical Updates and Key Vulnerabilities
Introduction Microsoft’s November 2024 Patch Tuesday addresses 87 vulnerabilities across its software suite, including critical zero-day vulnerabilities actively exploited in […]
Critical Remote Code Execution Vulnerability in Palo Alto Networks PAN
On November 8, 2024, Palo Alto Networks issued a security advisory concerning a potential remote code execution (RCE) vulnerability affecting […]
Detecting and Mitigating Lateral Movement
Background Lateral movement refers to a post-exploitation activity in which a threat actor attempts to penetrate adjacent devices. After acquiring […]
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Background Three recently identified zero-day vulnerabilities in Ivanti’s Cloud Service Appliance (CSA) are being actively exploited, the company has notified […]
CVE-2024-9487: Critical Vulnerability Affecting GitHub Enterprise Server
Background The most recent GitHub Enterprise Server (GHES) security update fixes three recently found vulnerabilities, one of which is a […]
Critical vulnerabilities in Palo Alto Expedition
Background To facilitate the process of transferring configurations from different vendors to Palo Alto Networks’ PAN-OS, Expedition is an enhanced […]
October 2024 – Microsoft patch tuesday highlights
Background Microsoft’s October 2024 Patch Tuesday updates are now available. They provide essential safety enhancements that IT professionals should apply. […]
HookChain: A New Approach to Bypassing EDR Solutions
Background Cybersecurity risks in today’s quickly changing digital environment are getting more complex and challenging to identify. As organizations strengthen […]
Critical RCE Vulnerabilites affecting Aruba Access Points
Background The parent company of Aruba Networks, Hewlett Packard Enterprise (HPE), issued a security bulletin on September 24, 2024, addressing […]
CVE-2024-38812: VMware vCenter Server RCE Vulnerability
Background Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the […]
September 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s September 2024 Patch Tuesday rollout includes security patches for 79 vulnerabilities. Among these are four zero-days that are […]
Cicada – A new ransomware targeting VMware ESXi systems
Background A recent ransomware-as-a-service (RaaS) campaign has swiftly targeted organizations across the globe by pretending to be the authentic Cicada […]
New Malware Masquerades as Palo Alto VPN Targeting Middle East Organizations
Background Threat actors target Middle Eastern enterprises using malware masquerading as the genuine Palo Alto GlobalProtect Tool, which can steal […]
CISA Warning: CVE-2024-38856 Apache OFBiz RCE Vulnerability under active exploitation
Background A pre-authentication vulnerability in Apache OFBiz can result in remote code execution. With a CVSS score of 9.8, the […]
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
Background SonicWall has released a patch to address a severe vulnerability discovered in certain SonicOS-based firewall devices. The vulnerability, CVE-2024-40766 […]
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
August 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s August 2024 Patch Tuesday release includes security patches for 85 vulnerabilities. These are six actively exploited zero-day vulnerabilities […]