Resources

Filter By:
Threat Report
Two Vulns, a Five-Year compromise, and the Twitch Data Breach
Grafana is an open-source, multi-platform analytics platform that lets you create graphs, charts, and alerts on whatever data you give it access to. Earlier this week, Grafana released two new versions, 7.5.11 and 8.1.6, which address a critical vulnerability recently discovered in Grafana’s snapshot feature.
security general blue icon
Cybersecurity
Threat Report
19 New VMware Vulnerabilities, One Critical
VMware is a major virtualization and cloud computing software vendor used by organizations of all sizes. This week they released information on 19 new vulnerabilities. One of these is a critical vulnerability that could allow an attack to run any code they want on the vulnerable server. VMware servers are critical infrastructure and if exploited an attacker could have full control over their targets entire network.
security general blue icon
Cybersecurity
Threat Report
New Windows Office 0 Day Rce Vulnerability
Microsoft released a security advisory earlier today for a new Remote Code Execution Vulnerability in MSHTML (CVE-2021-40444) that affects all current Windows versions discovered by security researchers from Mandiant and EXPMON
security general blue icon
Cybersecurity
Threat Report
A new ransomware gang on the block
A key component to protecting your systems is understanding the threat landscape. Part of that is keeping tabs on who the adversaries are and the tactics, techniques, and procedures they use.
security general blue icon
Cybersecurity
Threat Report
The Print Nightmare just doesn’t stop
Over the past couple of months, multiple printer-related vulnerabilities have been disclosed that could lead to an attacker remotely executing code on your systems. This could include ransomware or other malware, or if they already have access, could allow them to elevate their privileges to an account with greater access.
security general blue icon
Cybersecurity
Threat Report
SonicWall warns of “imminent” ransomware attack
SonicWall issued an urgent alert of an imminent ransomware attack targeting their Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products. The warning mentions the use of stolen credentials and exploitation of older vulnerabilities that have already been patched for some time. We’ve frequently seen older exploits on devices that have been forgotten about as the source of initial access for customers who have been breached.
security general blue icon
Cybersecurity
Threat Report
Fake Kaseya updates serving up Cobalt Strike
Last week, we reported on a ransomware attack by REvil involving Kaseya’s RMM tool, VSA, that affected between 40-60 MSPs and over 1,000 organizations. This week, we’re seeing other threat actors try to capitalize on REvil’s success with a malspam campaign disguised as a Kaseya VSA security update.
security general blue icon
Cybersecurity
Threat Report
A Nightmare on Spooler Street
A few weeks ago we mentioned a long list of vulnerabilities patched by Microsoft on June’s Patch Tuesday. Among those was what was originally thought to be a local privilege escalation involving the Windows Print Spooler CVE-2021-1675. Further details were leaked this week that the vulnerability, now dubbed “PrintNightmare”, also allows for remote code execution of the Windows RPC call, RpcAddPrinterDriver.
security general blue icon
Cybersecurity