Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Google has patched 3 remote code execution vulnerabilities in Chrome.
June 23, 2022 Google has patched 3 remote code execution vulnerabilities in Chrome The newly released Chrome version 103.0.5060.53 for Windows, Mac and Linux addresses 14 vulnerabilities overall. The Vulnerabilities CVE-2022-2156, Critical severity – ‘Use after free’ in ‘Base’. CVE-2022-2157, High severity – Use after free in ‘Interest groups’. CVE-2022-2161, Medium severity – Use after free…
-
Case Studies
Ransomware Attack Prevented: CYREBRO Incident Response Case Study
A global manufacturing company was established well over a century ago, with over 5,000 employees today and an annual revenue of over 1 billion USD.
-
Threat Intelligence
Citrix Patches ADM Account Takeover Vulnerability
June 15, 2022 Citrix Patches ADM Account Takeover Vulnerability Citrix has patched an improper access control vulnerability affecting the Application Delivery Management solution (Citrix ADM), which may lead to an account takeover. The Vulnerability CVE-2022-27511 – Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password,…
-
Threat Intelligence
Microsoft Patches ‘Follina’ 0-Day & 27 RCE Vulnerabilities
June 15, 2022 Microsoft Patches ‘Follina’ 0-Day & 27 RCE Vulnerabilities As part of June’s monthly security rollup updates, Microsoft has patched the recent ‘Follina‘ 0-Day as well as 27 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 55 vulnerabilities across Windows, Azure, Office, SQL Server, Hyper-V, Edge, RVSS, .NET & Visual Studio. The 0-Day Vulnerability CVE-2022-30190…
-
Guides & E-books
Incident Response Analysis Report
After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.
-
Threat Intelligence
Google Patches 7 Chrome Vulnerabilities, 1 RCE
June 12, 2022 Google Patches 7 Chrome Vulnerabilities, 1 RCE Google has patched a remote code execution vulnerability in Chrome. The newly released Chrome version 102.0.5005.115 for Windows, Mac and Linux addresses 7 vulnerabilities overall. The RCE Vulnerability CVE-2022-2007, High Severity – Use after free in WebGPU. The vulnerability is remotely exploitable and doesn’t require…
-
Threat Intelligence
NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers
May 18, 2022 NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers NVIDIA has released a security update that addresses 4 high-severity and 6 medium-severity vulnerabilities in its GPU drivers. The vulnerabilities can lead denial of service, information exposure, privilege elevation, arbitrary code execution (ACE), etc. The ACE Vulnerabilities CVE-2022-28181, High…
-
Threat Intelligence
Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days
May 17, 2022 Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices. Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6, including several arbitrary code…
-
Threat Intelligence
Zyxel Patches a Critical Firewall Vulnerability
May 15, 2022 Zyxel Patches a Critical Firewall Vulnerability Zyxel has released a security advisory addressing a critical unauthenticated remote command Injection vulnerability affecting several firewall models. The Vulnerability CVE-2022-30525 (CVSS:9.8 – critical) – An unauthenticated remote command injection via the HTTP interface vulnerability, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). Successful Exploitation could…
-
Threat Intelligence
Microsoft Patches 3 0-Days & 24 RCEs
May 11, 2022 Microsoft Patches 3 0-Days & 24 RCEs As part of May’s monthly security rollup updates, Microsoft has patched 3 0-Days (1 actively exploited), and 24 remote code execution vulnerabilities. Overall, Microsoft has patched 75 vulnerabilities across Windows, Windows Server, Hyper-V, Azure, Office and other products. The Zero-Day Vulnerabilities CVE-2022-26904 (CVSS 3.1: 8.1, High Severity) –…
-
Threat Intelligence
F5 Patches Critical BIG-IP Device Takeover Vulnerability
May 8, 2022 F5 Patches Critical BIG-IP Device Takeover Vulnerability F5 has patched a critical vulnerability affecting BIG-IP devices that may lead to device takeover. The Vulnerability CVE-2022-1388 (CVSS 3.1: 9.8, Critical) – Undisclosed requests may bypass iControl REST authentication. This may result in remote code execution and modification of files and services. Affected Products…
-
Threat Intelligence
Cisco Patches 2 NFVIS RCE Vulnerabilities
May 8, 2022 Cisco Patches 2 NFVIS RCE Vulnerabilities Cisco has patched 2 NFV Infrastructure Software remote code execution vulnerabilities, one rated critical. Cisco NFVIS is a Linux-based infrastructure software for deploying virtualized network functions (virtual router, firewall, WAN acceleration, etc.) on a supported Cisco appliance. The Vulnerabilities CVE-2022-20777 (CVSS 3.1: 9.9, Critical) – A…