Hot Topics

zero-day

MOVEit ransomware, attacks

US Gov’t Puts $10M Bounty on CL0P as MOVEit Fallout Continues 

| | Cybersecurity, MOVEit, Ransomware, vulnerability, zero-day
The U.S. State Department is offering a $10 million bounty for information related to the Cl0p ransomware gang, which is thought to be behind the MOVEit Transfer vulnerabilities ...
Security Boulevard
The number of Fortinet instances exposed to the internet, as determined by a Shodan search, currently stands at a significant 648,983.

Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability

| | Critical Vulnerabilities, Fortinet, software supply chain attacks, software supply chain risk, Uncategorized, Vulnerability Management, zero-day
According to Fortinet, 110 vulnerabilities affecting Fortinet software were announced since the beginning of 2023. On June 8th, security fixes were released in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5 ...
Rezilion
Seceons-new-aiSecurity-Score360-and-aiSecurity-BI360-Make-It-Easy-for-MSPs-and-MSSPs-To-Quantify-Risk

Announcing Seceon “AI-SECURITY SCORE360” and “AI-SECURITY BI360”

| | aiMSSP, aiMSSP Datasheet, aiSIEM, aiXDR, Cyber Security Company, cybersecurity solution, ransomware detection, zero-day
Seceon has been growing fast in 2023 – new partners, new team members and new capabilities. The post Announcing Seceon “AI-SECURITY SCORE360” and “AI-SECURITY BI360” appeared first on Seceon ...
Seceon
zero-day zero-trust app hardware zero-trust prepare

A Zero-Day Should Not Be a Crisis

| | Incident Response, supply chain, Threat Intelligence, vulnerability, zero-day
The next time there is a zero-day sweeping the internet, your organization shouldn’t have to panic. This shouldn’t be a crisis. Instead, it should be a controlled exercise that follows a playbook ...
Security Boulevard

Microsoft Secure Boot Bug

| | Microsoft, Uncategorized, Vulnerabilities, zero-day
Microsoft is currently patching a zero-day Secure-Boot bug. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC ...
Schneier on Security
3CX Breach Was a Double Supply Chain Compromise

3CX Breach Was a Double Supply Chain Compromise

| | 3CX, A Little Sunshine, ClearSky Security, Diamond Sleet, double supply chain breach, Elastic Security, ESET, ICONICSTEALER, Kaspersky Lab, kim zetter, Latest Warnings, macos, Mandiant, Marc-Etienne M.Leveille, Microsoft, Ne'er-Do-Well News, Peter Kalnai, supply chain, The Coming Storm, Trading Technologies, X_Trader, zero-day, ZINC
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...
Krebs on Security

Hacks at Pwn2Own Vancouver 2023

| | adobe, cars, Hacking, Uncategorized, Windows, zero-day
An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, ...
Schneier on Security
Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

| | Blog, lateral movement, MFA, ntlm relay, outlook, vulnerability, zero-day
In the latest Patch Tuesday, Microsoft released a patch for  CVE-2023-23397 Zero Day in Outlook, that was reported to be exploited in the wild. Exploitation of this vulnerability enables an adversary to ...
Blog - Silverfort
Microsoft January Patch Tuesday 2023: 98 Security Vulnerabilities and a Zero Day

Microsoft January Patch Tuesday 2023: 98 Security Vulnerabilities and a Zero Day

| | Application Security, Microsoft security, Patch Tuesday, patching, Uncategorized, Vulnerability Management, Windows security, zero-day
On January 10th, 2023 Microsoft released their January Patch Tuesday fixes and revealed 98 vulnerability fixes, including one Zero Day vulnerability known to be exploited in the wild.  The vulnerabilities affect popular ...
Rezilion
“Reducing the attack surface: the key to secure your OT environment”

“Reducing the attack surface: the key to secure your OT environment”

| | Artificial Intelligence, Attacksurface, CERT-In, operational technology, Securitycontrols, VAPT, zero-day
Introduction Operational technology (OT) systems are essential in various sectors, including manufacturing, energy, and transportation, in the current digital era. Real-time monitoring and control of physical processes and devices are the responsibility ...
Kratikal Blogs
Load more