vulnerability

Enhance security posture: 4 key approaches to manage vulnerabilities

Posted on March 13, 2025March 13, 2025 by Admin

Cloud native application development is surging across businesses, along with the adoption of public cloud infrastructure and services. This progress has led to a growing set of challenges for security: as organizations expand their use of cloud native technologies, the complexity of these environments continues to grow, significantly increasing the attack surface. This added risk has not stopped the adoption but is making scaling and maintenance increasingly difficult, especially as teams have been moving more…

Billions of Devices at Risk of Hacking Due to Hidden Commands

Posted on March 10, 2025March 10, 2025 by Admin

Tarlogic team giving their presentation during RootedCON. Image: Tarlogic Billions of devices worldwide rely on a widely used Bluetooth-Wi-Fi chip that contains undocumented “hidden commands.” Researchers warn these commands could be exploited to manipulate memory, impersonate devices, and bypass security controls. ESP32, manufactured by a Chinese company called Espressif, is a microcontroller that enables Bluetooth and Wi-Fi connections in numerous smart devices, including smartphones, laptops, smart locks, and medical equipment. Its popularity is partly due…

Vulnerability management simplified: The core essentials

Posted on January 30, 2025January 30, 2025 by Admin

In light of today’s evolving threat landscape and high-profile cybersecurity breaches, organizations are facing growing pressure to strengthen their security foundations. These incidents highlight the urgent need for proactive strategies to address vulnerabilities in applications, infrastructure and data. CISOs and security teams can take action now to prepare for potential threats, focusing on a few essential priorities. Strengthening foundational security measures to reduce exposure and improve resilience It all starts with assets. What are you…

8 vulnerabilities found in macOS operating system Microsoft apps

Posted on August 22, 2024August 22, 2024 by Admin

Researchers from Cisco Talos have discovered 8 vulnerabilities in macOS operating system Microsoft apps. Through these vulnerabilities, a malicious actor can bypass an operating system’s permission model via existing permissions without requiring additional verification from the user. Successful attacks could grant a malicious actor any privilege already gained in the targeted application, such as sending emails, recording video and audio, or capturing pictures. According to the research, Microsoft considers these vulnerabilities to be a low…

Google Workspace Vulnerability Allowed Thousands of Emails to be Compromised

Posted on July 30, 2024July 31, 2024 by Admin

Thousands of email addresses have been compromised after hackers used them to create Google Workspace accounts and bypassed the verification process. According to Google, a “specially constructed request” could open a Workspace account without verifying the email. This meant that bad actors only required the email address of their desired target to impersonate them. While none of the fake accounts were used to abuse Google services, like Gmail or Docs, they were used to access…

Understanding the impact of the NIST NVD backlog on MSPs

Posted on July 16, 2024July 16, 2024 by Admin

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs). Budget cuts and increased vulnerabilities NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

Protecting Against regreSSHion with Secure Workload

Posted on July 16, 2024July 16, 2024 by Admin

On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems. [For more information visit Qualys Security Advisory and our Cisco Security Advisory on regreSSHion (July 2024).] Now we have seen how CVE-2024-6387 has taken the internet by storm, making network security teams scramble to protect the networks while app owners patch their systems. Secure Workload helps organizations get…

BlastRADIUS Vulnerability Discovered in RADIUS Protocol

Posted on July 11, 2024July 12, 2024 by Admin

Cyber security researchers have exposed a vulnerability in the RADIUS protocol, dubbed BlastRADIUS. While there is no evidence that threat actors are actively exploiting it, the team is calling for every RADIUS server to be upgraded. What is the RADIUS protocol? RADIUS, or Remote Authentication Dial-In User Service, is a networking protocol that provides centralised authentication, authorisation and accounting for users connecting to a network service. It is widely used by internet service providers and…

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

Posted on June 18, 2024June 19, 2024 by Admin

The number of macOS vulnerabilities exploited in 2023 increased by more than 30%, according to a new report. The Software Vulnerability Ratings Report 2024 from patch management software company Action1 also found that Microsoft Office programs are becoming more exploitable, while attackers are targeting load balancers like NGINX and Citrix at a record rate. Action1 analysts used data from the National Vulnerability Database and CVEdetails.com to draw five insights into how the threat landscape changed…

Cybercriminals target SAP vulnerabilities

Posted on June 12, 2024June 12, 2024 by Admin

Cybercriminals are getting better at attacking critical business applications, according to a recent report by Onapsis. The report found a rise in threat actors targeting SAP vulnerabilities. According to the report, 2023 was an important year for the SAP application threat landscape. The report found a 400% increase in ransomware incidents that involved compromising SAP systems and data at victim’s organizations. The report found that conversations on SAP vulnerabilities and exploits have increased 490% across…

1 2 3 »

vulnerability

Enhance security posture: 4 key approaches to manage vulnerabilities

Billions of Devices at Risk of Hacking Due to Hidden Commands

Vulnerability management simplified: The core essentials

8 vulnerabilities found in macOS operating system Microsoft apps

Google Workspace Vulnerability Allowed Thousands of Emails to be Compromised

Understanding the impact of the NIST NVD backlog on MSPs

Protecting Against regreSSHion with Secure Workload

BlastRADIUS Vulnerability Discovered in RADIUS Protocol

Apple Operating Systems are Being Targeted by Threat Actors, Report Finds

Cybercriminals target SAP vulnerabilities

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)