Hot Topics

mitigation

Securing Networks: Addressing pfSense Vulnerabilities

| | command injection, CVE-2023-42325, CVE-2023-42326, CVE-2023-42327, Cybersecurity, Cybersecurity Best Practices, Cybersecurity News, Digital Threats, firewall, Microsoft Visual Studio Code, mitigation, Netgate, network infrastructure, Network Security, npm integration, Patch Tuesday updates, patching, pfsense, pfSense CE, pfSense Plus, proactive security measures, Remote Code Execution, resolution, responsible disclosure, security risks, Sonar, Vulnerabilities, XSS
In recent findings by Sonar, critical security vulnerabilities have emerged within the widely-used open-source Netgate pfSense firewall solution, potentially exposing susceptible appliances to unauthorized command execution. These pfSense vulnerabilities, comprising two reflected ...
TuxCare

BIG-IP Vulnerability Alert: Remote Code Execution Risk

| | BIG-IP, CISA Advisory, cve-2022-1388, Cybersecurity, Cybersecurity News, Cybersecurity Protocols, f5, mitigation, Remote Code Execution, security alert, vulnerability
In recent news, F5 has issued a critical security alert regarding a significant BIG-IP vulnerability that poses a severe risk to their BIG-IP systems. This vulnerability, rated at 9.8 out of 10 ...
TuxCare

Protect Your Servers: JetBrains TeamCity Flaw Alert

| | APT, Attack Vectors, backdoors, CVE-2023-42793, Cybersecurity, Cybersecurity News, Diamond Sleet, intrusion detection, JetBrains TeamCity, lateral movement, Lazarus Group, Malware, Microsoft, mitigation, North Korean Threat Actors, Onyx Sleet, security updates, Server Security, Threat Mitigation
In recent news, Microsoft has issued a warning about a JetBrains TeamCity flaw being exploited by North Korean threat actors. These attacks, linked to the infamous Lazarus Group, pose a significant risk ...
TuxCare
A10 DDoS AI machine learning

Let’s Stop Talking About the ‘Largest’ DDoS Attack

| | BPS, Cybersecurity, DDoS attacks, DDoS Extortion, Impact, mitigation, PPS, QPS, risk, RPS
There have been a slew of DDoS attacks recently that are serious, but to focus on the size of the latest attack is the wrong thing to do. What we need to ...
Security Boulevard
Defense in Depth to minimize the impact of ransomware attacks

Defense in Depth to minimize the impact of ransomware attacks

| | defense in depth, Featured Articles, IT Security and Data Protection, mitigation, Ransomware, Threat, trends
Ransomware attacks continue to plague organizations globally regardless of their size. In a press release by the NCC group that preceded the Annual Threat Monitor Report 2021 published for the year 2021, ...
The State of Security
inter-chip threat model image 1

Inter-Chip Communication: Design Considerations to Mitigate Commonly Overlooked Attack Paths

| | design considerations, inter-chip, Internet of things, IoT Security, mitigation, Security Controls, Threat Modeing, trust boundary
Introduction At Praetorian, we perform security assessments on a variety of Internet of Things (IoT) devices ranging from commodity home “smart” devices, medical devices, critical infrastructure, and autonomous vehicles. While previous blog ...
Blog - Praetorian
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

| | Apache Log4j Vulnerability, Apache Servers, CVE-2021-44228, Cybereason Defense Platform, enterprise security, Exploits, GitHub, Log4Shell, Logout4Shell Vaccine, mitigation, Network Security, patch management, patching, rce, remediation, Remote Code Execution, Vulnerabilities, vulnerability, zero-day
UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the ...
Blog
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

| | Apache Log4j Vulnerability, Apache Servers, CVE-2021-44228, Cybereason Defense Platform, enterprise security, Exploits, GitHub, Log4Shell, Logout4Shell Vaccine, mitigation, patch management, patching, rce, remediation, Remote Code Execution, vulnerability, zero-day
UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the ...
Blog

The Digital Pandemic – Ransomware

| | cyberattacks, IT Security and Data Protection, Malware, mitigation, Phishing, Ransomware
In 2021, there are two words that can send a cold chill down the spine of any Cybersecurity professional and business leader; Phishing and Ransomware. Research carried out by the Data Analytics ...
The State of Security

Insurance and Ransomware

| | academic papers, cybercrime, Cybersecurity, insurance, mitigation, Ransomware, Reports, Uncategorized
As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting ...
Schneier on Security
Load more