vulnerability

Vulnerability management simplified: The core essentials

Posted on January 30, 2025January 30, 2025 by Admin

In light of today’s evolving threat landscape and high-profile cybersecurity breaches, organizations are facing growing pressure to strengthen their security foundations. These incidents highlight the urgent need for proactive strategies to address vulnerabilities in applications, infrastructure and data. CISOs and security teams can take action now to prepare for potential threats, focusing on a few essential priorities. Strengthening foundational security measures to reduce exposure and improve resilience It all starts with assets. What are you…

8 vulnerabilities found in macOS operating system Microsoft apps

Posted on August 22, 2024August 22, 2024 by Admin

Researchers from Cisco Talos have discovered 8 vulnerabilities in macOS operating system Microsoft apps. Through these vulnerabilities, a malicious actor can bypass an operating system’s permission model via existing permissions without requiring additional verification from the user. Successful attacks could grant a malicious actor any privilege already gained in the targeted application, such as sending emails, recording video and audio, or capturing pictures. According to the research, Microsoft considers these vulnerabilities to be a low…

Google Workspace Vulnerability Allowed Thousands of Emails to be Compromised

Posted on July 30, 2024July 31, 2024 by Admin

Thousands of email addresses have been compromised after hackers used them to create Google Workspace accounts and bypassed the verification process. According to Google, a “specially constructed request” could open a Workspace account without verifying the email. This meant that bad actors only required the email address of their desired target to impersonate them. While none of the fake accounts were used to abuse Google services, like Gmail or Docs, they were used to access…

Understanding the impact of the NIST NVD backlog on MSPs

Posted on July 16, 2024July 16, 2024 by Admin

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs). Budget cuts and increased vulnerabilities NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

Protecting Against regreSSHion with Secure Workload

Posted on July 16, 2024July 16, 2024 by Admin

On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems. [For more information visit Qualys Security Advisory and our Cisco Security Advisory on regreSSHion (July 2024).] Now we have seen how CVE-2024-6387 has taken the internet by storm, making network security teams scramble to protect the networks while app owners patch their systems. Secure Workload helps organizations get…

BlastRADIUS Vulnerability Discovered in RADIUS Protocol

Posted on July 11, 2024July 12, 2024 by Admin

Cyber security researchers have exposed a vulnerability in the RADIUS protocol, dubbed BlastRADIUS. While there is no evidence that threat actors are actively exploiting it, the team is calling for every RADIUS server to be upgraded. What is the RADIUS protocol? RADIUS, or Remote Authentication Dial-In User Service, is a networking protocol that provides centralised authentication, authorisation and accounting for users connecting to a network service. It is widely used by internet service providers and…

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

Posted on June 18, 2024June 19, 2024 by Admin

The number of macOS vulnerabilities exploited in 2023 increased by more than 30%, according to a new report. The Software Vulnerability Ratings Report 2024 from patch management software company Action1 also found that Microsoft Office programs are becoming more exploitable, while attackers are targeting load balancers like NGINX and Citrix at a record rate. Action1 analysts used data from the National Vulnerability Database and CVEdetails.com to draw five insights into how the threat landscape changed…

Cybercriminals target SAP vulnerabilities

Posted on June 12, 2024June 12, 2024 by Admin

Cybercriminals are getting better at attacking critical business applications, according to a recent report by Onapsis. The report found a rise in threat actors targeting SAP vulnerabilities. According to the report, 2023 was an important year for the SAP application threat landscape. The report found a 400% increase in ransomware incidents that involved compromising SAP systems and data at victim’s organizations. The report found that conversations on SAP vulnerabilities and exploits have increased 490% across…

Verizon 2024 Data Breach Report shows the risk of the human element

Posted on May 3, 2024May 3, 2024 by Admin

Verizon Business released its 17th-annual Data Breach Investigations Report (DBIR), highlighting the role that the human element plays in cyber threats. This report examined 30,458 security incidents as well as 10,626 verified breaches in 2023, representing a two-fold increase from 2022. Out of the breaches analyzed, more than two-thirds (68%) included a non-malicious human element — in other words, these incidents involved insider errors or people falling for social engineering schemes. This percentage remains consistent…

4 steps to defend against cyber attack risk

Posted on August 24, 2023August 24, 2023 by Admin

4 steps to defend against cyber attack risk | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website…

1 2 3 »

vulnerability

Vulnerability management simplified: The core essentials

8 vulnerabilities found in macOS operating system Microsoft apps

Google Workspace Vulnerability Allowed Thousands of Emails to be Compromised

Understanding the impact of the NIST NVD backlog on MSPs

Protecting Against regreSSHion with Secure Workload

BlastRADIUS Vulnerability Discovered in RADIUS Protocol

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

Cybercriminals target SAP vulnerabilities

4 steps to defend against cyber attack risk

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)