Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
NVIDIA Releases Security Advisory Regarding Log4Shell Affected Products
December 23, 2021 NVIDIA has released a security advisory addressing multiple products vulnerable to the recently reported Log4Shell Vulnerability. The affected products are multiple enterprise environment tools and components. No consumer-grade applications are known to be affected at this point. Affected Products CUDA Toolkit Nsight Eclipse Edition – Prior to version ‘11.0’. DGX Systems –…
-
Threat Intelligence
New Log4j Denial-of-Service Vulnerability
Apache has released Log4j 2.17.0 (Java 8), addressing a newly disclosed denial-of-service vulnerability.
-
Threat Intelligence
Microsoft Patches 6 0-Days, 1 Actively Exploited, Apple Patches 24 RCEs
Last published on: December 14, 2021 Microsoft Patches 6 0-Days, 1 Actively Exploited, 26 RCE Vulnerabilities As part of December’s security rollup updates, Microsoft has patched 6 Zero-Days (1 actively exploited in the wild), as well as 26 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 55 (67 including Microsoft Edge) vulnerabilities across Windows, Office,…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day, as well as 4 additional vulnerabilities.
-
Threat Intelligence
New Log4j Patch, Vendors Release Security Advisories
Last published on: December 15, 2021 New Log4j Vulnerability – Patch Available Apache has released a new patch for the Log4j, addressing a new vulnerability discovered, tracked as CVE-2021-45046 (CVSS 3.0 score 3.7), that may allow threat actors to cause Denial-of-Service (DoS) attacks in certain scenarios. According to Apache, this vulnerability is not patched in…
-
Guides & E-books
The 6 Critical Capabilities of a Complete SOC Solution
A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.
-
Threat Intelligence
Apple releases MacOS and Safari updates, patching multiple Remote and local Arbitrary Code Execution vulnerabilities
The updates fix a Remote Code Execution vulnerability in Big Sur’s libxml2 library, and multiple Arbitrary Code Execution vulnerabilities affecting the products.
-
Threat Intelligence
Google Chrome Patches 7 Vulnerabilities, one of which is an Exploited-in-the-Wild, Critical Arbitrary Code Execution Zero-Day
Google has released a new Chrome update, patching 1 actively exploited arbitrary code execution zero-day vulnerability and 6 additional ones.
-
Threat Intelligence
Fortinet FortiManager & FortiAnalyzer fgfmsd vulnerability allows RCE
Fortinet has released a security advisory regarding a Use-After-Free vulnerability which can lead to non-authenticated, privileged Remote Code Execution (RCE) on the affected system.
-
Threat Intelligence
Critical Vulnerability Allowing Remote Code Execution Patched in Juniper SBR Carrier Edition
Juniper patched a critical Buffer Overflow vulnerability in Juniper Steel-Belted Radius (SBR) Carrier Edition with EAP authentication configured, which could result in remote code execution (RCE).
-
Threat Intelligence
Critical Vulnerability Affecting VMware vCenter Servers
VMware has released an urgent security update addressing a critical remote code execution (RCE) vulnerability in the Virtual SAN Health Check plug-in affecting ALL vCenter Server deployments.