This edition brings you early warnings, trending news about cyber threats, and the accurate threat context. Check out which threat group is on the rampage, what vulnerability it could soon weaponize, and more.
This blog brings talks about the challenges that exist in mapping CWEs to CAPEC using MITRE and ATT&CK
The U.S. Cybersecurity and Infrastructure Agency issued an emergency security directive over VMware vulnerabilities, which threat actors are likely to exploit.
Securin's AI-based vulnerability and threat intelligence delves deep into the vulnerabilities exploited by APT groups
The Apache Software Foundation has published a new version 2.4.52 of the Apache HTTP Server to fix two vulnerabilities in one of the world's most popular web servers - one of which is rated as high, and the other as critical.
A directive recently released by the US government-backed Cybersecurity and Infrastructure Security Agency has a list of 703 known vulnerabilities that organizations have been asked to focus on patching immediately. Amongst them, 158 vulnerabilities have been identified as being exploited actively by various ransomware families. Read on to learn more about the vulnerabilities.
On October 4, 2021, Apache announced fixes for a couple of vulnerabilities, including a zero-day flaw that affects Apache HTTP Server version 2.4.49—a widely used open-source, cross-platform web server for Unix and Windows.
A critical security flaw in the Linux kernel went unpatched for 15 years till attackers used it to gain local privilege escalation, escape the Kubernetes pod and obtain root privileges on Linux systems. Read our analysis where we look into the vulnerability’s characteristics and the impact it can have.
Two OpenSSL vulnerabilities, one remote code execution, and a denial-of-service were discovered by network-attached storage device manufacturers, Synology and QNAP. The fear of a ransomware attack leveraging the vulnerabilities still remains high. Here is our analysis of the vulnerabilities.
On September 21, 2021, VMware published an advisory warning of nineteen vulnerabilities in their vCenter Server. Of the nineteen vulnerabilities, one CVE stands out as being extremely critical and potential to be exploited by ransomware—CVE-2021-22005.
REvil's monumental supply-chain attack on 3 July 2021 affected 1500 companies and opened a path for third-party attack onslaughts. What else does REvil’s historic supply-chain attack portend?
The Airline industry is on the brink of a supply-chain attack from threat groups like APT41. According to our research findings, there are 20 vulnerabilities associated with the APT41 threat group.