Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Threat Actors Using Omicron COVID-19 Phishing Lures
Recently, CYREBRO has observed an increase in phishing campaigns exploiting the recently emerging ‘Omicron’ Covid-19 variant.
-
Threat Intelligence
Critical Ransomware Risk to Unpatched SonicWall SRA & SMA 8.X
SonicWall has released an URGENT security notice considering a risk to unpatched end-of-life SRA & SMA remote access devices
-
Threat Intelligence
Critical Microsoft Windows Print Spooler Point and Print Arbitrary Code Execution Zero-Day Vulnerability
A new Windows Print Spooler Zero-Day Vulnerability has been detected which allows for non-admin users to be able to install printer drivers via Point and Print.
-
Threat Intelligence
NVIDIA Releases Security Advisory Regarding Log4Shell Affected Products
December 23, 2021 NVIDIA has released a security advisory addressing multiple products vulnerable to the recently reported Log4Shell Vulnerability. The affected products are multiple enterprise environment tools and components. No consumer-grade applications are known to be affected at this point. Affected Products CUDA Toolkit Nsight Eclipse Edition – Prior to version ‘11.0’. DGX Systems –…
-
Threat Intelligence
New Log4j Denial-of-Service Vulnerability
Apache has released Log4j 2.17.0 (Java 8), addressing a newly disclosed denial-of-service vulnerability.
-
Threat Intelligence
Microsoft Patches 6 0-Days, 1 Actively Exploited, Apple Patches 24 RCEs
Last published on: December 14, 2021 Microsoft Patches 6 0-Days, 1 Actively Exploited, 26 RCE Vulnerabilities As part of December’s security rollup updates, Microsoft has patched 6 Zero-Days (1 actively exploited in the wild), as well as 26 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 55 (67 including Microsoft Edge) vulnerabilities across Windows, Office,…
-
Threat Intelligence
Fortinet FortiWeb OS Zero-Day RCE
A zero-day command injection vulnerability has been found in Fortinet FortiWeb Web Application Firewall (WAF).
-
Threat Intelligence
Cisco Patches Critical and High Severity RCE Vulnerabilities in VPN Routers
The vulnerabilities are remotely exploitable without requiring authentication and allow attackers to remotely execute commands and arbitrary code or to trigger a denial-of-service on vulnerable devices
-
Threat Intelligence
Google Patches RCE Vulnerability in the New Chrome Update Release
The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system.
-
Threat Intelligence
Cisco: Critical RCE Vulnerability in Small Business Routers
Cisco has published a Security Advisory regarding a Critical Remote Code Execution vulnerability affecting several Cisco Small Business Routers.
-
Threat Intelligence
Apple fixes Exploited-in-the-Wild macOS Big Sur Privileged Arbitrary Code Execution Zero-Day Vulnerability
Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution.
-
Threat Intelligence
Cisco patches Firepower Device Manager On-Box Software RCE vulnerability
July 25, 2021 Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software. The Vulnerability CVE-2021-1518 (CVSS 3.1: 6.3 Medium) A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, which due to insufficient sanitization of user input on specific REST…