Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.

  • The Benefits of Choosing a Reliable MSSP (Part 1 of 2)
    Blog Post

    The Benefits of Choosing a Reliable MSSP (Part 1 of 2)

    The last few years have put SMBs in a precarious position, and it doesn’t appear as though their situation will ease any time soon. Current inflation rates and a looming recession have forced many to tighten their belts and reevaluate how their budgets are distributed across different departments. In the wake of several years of…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    December 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    November 27, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities
    Threat Intelligence

    F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities

    November 20, 2022 F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities F5 has released an advisory regarding 2 High-Severity vulnerabilities affecting BIG-IP and BIG-IQ devices. successful exploitation of these vulnerabilities may lead to remote code execution (RCE) and device takeover. The Vulnerabilities CVE-2022-41622 (CVSS 3.1: 8.8, High-severity) – A cross-site request forgery (CSRF) vulnerability through iControl SOAP, may…

  • Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild
    Threat Intelligence

    Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild

    November 20, 2022 Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild Atlassian has released security patches to address two critical vulnerabilities in Bitbucket Server, Data Center, and Crowd. An attacker might be able to execute remote code (RCE) by exploiting one of the vulnerabilities. The Vulnerabilities CVE-2022-43781, Critical (CVSS 3.1: 9.0) -Environment variable-based command injection…

  • Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader
    Threat Intelligence

    Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader

    November 14, 2022 Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader Foxit PDF document viewer has been updated to address a number of use-after-free security vulnerabilities that might be exploited to execute arbitrary code. To exploit these vulnerabilities, an attacker must persuade a victim into opening a malicious file. The Vulnerabilities CVE-2022-32774, CVE-2022-38097, CVE-2022-37332, CVE-2022-40129…

  • SAMBA patches vulnerabilities that allow remote code execution and data disclosure
    Threat Intelligence

    SAMBA patches vulnerabilities that allow remote code execution and data disclosure

    October 27, 2022 SAMBA patches vulnerabilities that allow remote code execution and data disclosure SAMBA has released a patch and security advisory to address two vulnerabilities in all versions of Samba prior to 4.17.0 that might allow attackers to perform remote code execution  and get access to all of the server’s file systems running vulnerable…

  • Apple Patches 127 Vulnerabilities that Affects a Variety of Products
    Threat Intelligence

    Apple Patches 127 Vulnerabilities that Affects a Variety of Products

    October 27, 2022 Apple Patches 127 Vulnerabilities that Affects a Variety of Products Apple’s security response team has released software updates for at least 77 software vulnerabilities affecting several Apple products (Excludes iPhones, iPads, Apple Watch and Apple TV). Some of these vulnerabilities may lead to remote code execution (RCE). The Vulnerabilities: The details of the…

  • VMware Patches Critical Cloud Foundation RCE Vulnerability
    Threat Intelligence

    VMware Patches Critical Cloud Foundation RCE Vulnerability

    October 26, 2022 VMware Patches Critical Cloud Foundation RCE Vulnerability VMware has released a security update to address a critical vulnerability in VMware Cloud Foundation. Unauthenticated threat actors can exploit the vulnerability remotely (RCE) in low-complexity attacks that do not require user interaction. The Vulnerability CVE-2021-39144, (CVSS 3.1: 9.8, Critical) – Vulnerability in the XStream open-source…

  • Oracle Patches 48 Critical Vulnerabilities, 370 Vulnerabilities in Total
    Threat Intelligence

    Oracle Patches 48 Critical Vulnerabilities, 370 Vulnerabilities in Total

    October 19, 2022 Oracle Patches 48 Critical Vulnerabilities, 370 Vulnerabilities in Total As part of its quarterly Critical Patch Update (CPU), Oracle has patched 48 critical vulnerabilities and over 250 Remote Code Execution vulnerabilities. Overall, Oracle has patched 370 vulnerabilities across 126 products. Affected Products The Vulnerability affects over 126 Oracle products including:  Oracle Communications…

  • Apache Patches Text4Shell RCE vulnerability
    Threat Intelligence

    Apache Patches Text4Shell RCE vulnerability

    October 18, 2022 Apache Patches Text4Shell RCE vulnerability Apache has released an advisory addressing a critical Remote Code Execution (RCE) vulnerability in the Apache Commons Text library. The vulnerability, dubbed as “Text4Shell”, results from insecure implementation of Commons Text’s variable interpolation functionality—more specifically, some default lookup strings could potentially accept untrusted input from remote attackers, such…

  • Adobe Patches 2 Critical Vulnerabilities in Acrobat
    Threat Intelligence

    Adobe Patches 2 Critical Vulnerabilities in Acrobat

    October 13, 2022 Adobe Patches 2 Critical Vulnerabilities in Acrobat Adobe has released a major security update for Acrobat and Reader products, addressing 6 vulnerabilities, 2 of which are defined as critical and may lead to arbitrary code execution attacks. It is important to note that the vulnerabilities may also be described as RCE because…