Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Microsoft Patches 6 Zero-Days & 29 RCEs, 97 Vulnerabilities Overall
January 12, 2022 As part of January’s monthly rollup updates, Microsoft has patched 6 Zero-Days and a total of 29 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 97 vulnerabilities across Windows, Hyper-V, and Office. The Zero-Day Vulnerabilities CVE-2022-21919 (CVSS 3.1: 7.0, High Severity) – Windows User Profile Service Elevation of Privilege Vulnerability. CVE-2022-21874 (CVSS 3.1: 7.8, High Severity) – Windows…
-
Threat Intelligence
Google Patches 37 Chrome Vulnerabilities, 1 Critical RCE
January 06, 2022 Google has released Chrome version 97.0.4692.71, patching 37 vulnerabilities, including 1 Critical ‘use-after-free’ vulnerability, exploitation of which leads to remote code execution (RCE). The RCE Vulnerability CVE-2022-0096, Critical use-after-free in the Storage component. The vulnerability can be exploited remotely, which could have devastating effects ranging from corruption of valid data to the execution of malicious code on…
-
Threat Intelligence
New Log4j Remote Code Execution Vulnerability
Apache has released new patches addressing a Recently Disclosed a Log4j Remote Code Execution Vulnerability
-
Threat Intelligence
Threat Actors Using Omicron COVID-19 Phishing Lures
Recently, CYREBRO has observed an increase in phishing campaigns exploiting the recently emerging ‘Omicron’ Covid-19 variant.
-
Threat Intelligence
Critical Ransomware Risk to Unpatched SonicWall SRA & SMA 8.X
SonicWall has released an URGENT security notice considering a risk to unpatched end-of-life SRA & SMA remote access devices
-
Threat Intelligence
Critical Microsoft Windows Print Spooler Point and Print Arbitrary Code Execution Zero-Day Vulnerability
A new Windows Print Spooler Zero-Day Vulnerability has been detected which allows for non-admin users to be able to install printer drivers via Point and Print.
-
Threat Intelligence
Fortinet FortiWeb OS Zero-Day RCE
A zero-day command injection vulnerability has been found in Fortinet FortiWeb Web Application Firewall (WAF).
-
Threat Intelligence
Cisco Patches Critical and High Severity RCE Vulnerabilities in VPN Routers
The vulnerabilities are remotely exploitable without requiring authentication and allow attackers to remotely execute commands and arbitrary code or to trigger a denial-of-service on vulnerable devices
-
Threat Intelligence
Google Patches RCE Vulnerability in the New Chrome Update Release
The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system.
-
Threat Intelligence
Cisco: Critical RCE Vulnerability in Small Business Routers
Cisco has published a Security Advisory regarding a Critical Remote Code Execution vulnerability affecting several Cisco Small Business Routers.
-
Threat Intelligence
Apple fixes Exploited-in-the-Wild macOS Big Sur Privileged Arbitrary Code Execution Zero-Day Vulnerability
Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution.
-
Threat Intelligence
Cisco patches Firepower Device Manager On-Box Software RCE vulnerability
July 25, 2021 Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software. The Vulnerability CVE-2021-1518 (CVSS 3.1: 6.3 Medium) A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, which due to insufficient sanitization of user input on specific REST…