BlackLotus UEFI Bootkit Vulnerability
Published: April 17, 2023 Overview Microsoft has shared information and guidance to check if hackers targeted or compromised users by…
Microsoft’s March 2023 Patch Tuesday
Published: March 21, 2023 Overview Microsoft has released their monthly Tuesday patch on March 14th. The updates contain security updates…
FortiOS Remote Code Execution Vulnerability
Published: March 09, 2023 Overview A critical vulnerability (CVE-2023-25610) in FortiOS and FortiProxy allows attackers to execute arbitrary code (Remote…
Microsoft Word Vulnerability
Published: March 07, 2023 Overview A vulnerability (CVE-2023-21716) in Microsoft’s Word wwwlib library allows attackers to get Remote Code Execution…
Java Based ZK Framework Vulnerability
Updated: March 6, 2023 Overview There is a remote code execution flaw in the ZK Open Source Java framework for…
OpenSSL Vulnerabilities
Published: February 9, 2023 Overview OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 1.1.1,…
Ransomware Attack on ESXi Servers
Published: February 7, 2023 Overview A ransomware attack is targeting VMware ESXi servers worldwide with a ransomware strain called ESXiArgs.…
Fortinet SSL-VPN Vulnerability
Published: December 14, 2022 Overview Fortinet recently disclosed a critical buffer overflow vulnerability in FortiOS SSL-VPN that is deployed on…
Microsoft Internet Explorer Vulnerability
Published: December 13, 2022 Overview Microsoft disclosed a vulnerability in their legacy JScript9 library that attackers have exploited with phishing…
Apache Commons Text Vulnerability
Published: November 21, 2022 Overview A vulnerability has been found in the string interpolator module of a Java library called…
OpenSSL 3.0 Vulnerability – CVE-2022-3602
Updated: November 9, 2022 Overview The OpenSSL project recently disclosed a critical vulnerability in the OpenSSL library for version 3.0.0…
Microsoft Office RCE Follina MSDT Attack Detection and Workaround
Updated: June 9, 2022 US-CERT.CISA Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on addressing the Zero-day remote…
Log4j Vulnerabilities
Updated: Dec 18, 2021 Summary On Dec. 9, 2021, a remote code execution (RCE) vulnerability CVE-2021-44228 in Apache log4j 2 was identified, and attackers…
Advisory & Monitoring Solution for Active Exploitation of SolarWinds Software
Active Exploitation of SolarWinds Software Published: December 17, 2020, 10:00 am EST US-CERT.CISA Cybersecurity and Infrastructure Security Agency (CISA) has issued…
Hafnium Detection and Monitoring Solution
Last Updated: April 2, 2021 US-CERT.CISA Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on active exploitation of…
NOBELIUM Email-Based Attack Prevention & Detection Solution
Published: June 2, 2021 Netsurion’s Security Operations Center (SOC) has seen significant escalation of an email-based attack campaign by threat actor,…
Ongoing Potential Attack Against Kaseya VSA Components
Updated: July 13, 2021 Note: Kaseya has released a patch for this critical vulnerability which is described here. If you use the…
Windows Elevation of Privilege Vulnerability (HiveNightmare | SeriousSAM)
Published: July 22, 2021 THIS NOTICE AFFECTS ONLY THOSE RUNNING CERTAIN VERSIONS OF WINDOWS SERVER OR WINDOWS 10 AS NOTED…
Recommended Hardening for On-Premises-Self-Hosted Netsurion Customers
Updated: July 26, 2021 NOTE: This advisory is intended for organizations that self-host the Netsurion Open XDR Console. Attackers have been…
LockBit Ransomware Encrypts Windows Domains
Published: August 15, 2021 A new version of the LockBit 2.0 ransomware has been identified that automates the encryption of a…
ADV200006 | Windows Remote Code Execution Vulnerability Advisory
March 27, 2020 Microsoft has released an out-of-band security advisory to address two critical remote code execution vulnerabilities in Adobe…