Citrix Discloses Actively-Exploited Critical Vulnerability
Citrix has disclosed critical vulnerabilities affecting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). Read on to learn more about the vulnerabilities and what you can do to ensure ...
Microsoft’s July 2023 Patch Tuesday: 132 Vulnerabilities, 6 Zero-Days
Microsoft has released its July 2023 Patch Tuesday security updates, fixing 132 vulnerabilities. Read on to get the details. What vulnerabilities did Microsoft patch? The 132 vulnerabilities Microsoft patched include including 37 ...
The Importance of MDR in Today’s Threat Environment
With cyber skills gaps still challenging to plug, managed detection and response (MDR) is a top cybersecurity priority for CISOs (as revealed in our 2023 survey). This article looks closer at the ...
CISA Releases Joint Advisory on Truebot Malware
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) have issued a ...
Akira Ransomware Targets VMware ESXi Servers
Akira ransomware has expanded its attack capabilities and is leveraging a Linux encryptor to target VMware ESXi virtual machines. This adaptation allows Akira to execute double-extortion attacks on companies globally. Read on ...
A Double Supply Chain Attack and The Importance of TPRM
Third-party risk management (TPRM) is a critical aspect of cybersecurity due to the increasing interdependencies and complexities in today’s global, interconnected networks and systems. TPRM’s importance is most acutely evident when considering ...
VMware Discloses Active Exploitation of Critical Vulnerability in Aria Operations Networks
Threat actors are at it again. VMware has updated a previously issued security advisory to alert customers about the active exploitation of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20887 ...
Critical Vulnerability Discovered in Patched Zyxel Storage Devices
On June 20, 2023, Zyxel, a well-known network-attached storage (NAS) device manufacturer, disclosed a critical security flaw known as CVE-2023-27992. This pre-authentication command injection vulnerability has been assigned a high CVSS score ...
Advanced Phishing Attacks: How to Stem the Tide
The problem with phishing is not just its relentless onslaught—it’s that threat actors continue to evolve toward more advanced phishing attacks. The ability to psychologically manipulate and dupe people into taking certain ...
Emerging Trend: Malicious Use of New Google Domains .zip and .mov
Google recently introduced eight new top-level domains (TLDs) that can be purchased for hosting websites or email addresses. Popular TLDs include .com, .io, .net, .gov, etc. Among the new TLDs are .zip ...
