Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.  

  • Microsoft Patches 3 0-Days & 24 RCEs
    Threat Intelligence

    Microsoft Patches 3 0-Days & 24 RCEs

    May 11, 2022  Microsoft Patches 3 0-Days & 24 RCEs As part of May’s monthly security rollup updates, Microsoft has patched 3 0-Days (1 actively exploited), and 24 remote code execution vulnerabilities.  Overall, Microsoft has patched 75 vulnerabilities across Windows, Windows Server, Hyper-V, Azure, Office and other products.  The Zero-Day Vulnerabilities CVE-2022-26904 (CVSS 3.1: 8.1, High Severity) –…

  • F5 Patches Critical BIG-IP Device Takeover Vulnerability
    Threat Intelligence

    F5 Patches Critical BIG-IP Device Takeover Vulnerability

    May 8, 2022  F5 Patches Critical BIG-IP Device Takeover Vulnerability  F5 has patched a critical vulnerability affecting BIG-IP devices that may lead to device takeover.   The Vulnerability CVE-2022-1388 (CVSS 3.1: 9.8, Critical) – Undisclosed requests may bypass iControl REST authentication. This may result in remote code execution and modification of files and services.  Affected Products…

  • Cisco Patches 2 NFVIS RCE Vulnerabilities
    Threat Intelligence

    Cisco Patches 2 NFVIS RCE Vulnerabilities

    May 8, 2022  Cisco Patches 2 NFVIS RCE Vulnerabilities Cisco has patched 2 NFV Infrastructure Software remote code execution vulnerabilities, one rated critical.  Cisco NFVIS is a Linux-based infrastructure software for deploying virtualized network functions (virtual router, firewall, WAN acceleration, etc.) on a supported Cisco appliance.  The Vulnerabilities CVE-2022-20777 (CVSS 3.1: 9.9, Critical) – A…

  • Atlassian Patches Critical Jira Authentication Bypass Vulnerability
    Threat Intelligence

    Atlassian Patches Critical Jira Authentication Bypass Vulnerability

    April 24, 2022  Atlassian Patches Critical Jira Authentication Bypass Vulnerability  Atlassian has issued a security advisory addressing a critical authentication bypass vulnerability affecting Jira and Jira Service Management (non-cloud versions).  Exploiting the vulnerability may lead to remote code execution on the affected system.  The Vulnerability CVE-2022-0540 (CVSS 3.1: 9.9, Critical) – A vulnerability in Jira…

  • Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild 
    Threat Intelligence

    Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild 

    April 17, 2022 Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild Following the update of Google Chrome, Microsoft has released an emergency update for Edge, addressing an actively exploited Zero-Day.  The updated version is 100.0.1185.44 for Windows, Mac, and Linux.  The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    April 17, 2022  Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day.  The updated version is 100.0.4896.127 for Windows, Mac and Linux.  The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8 JavaScript engine.  While type confusion vulnerabilities typically cause browser…

  • Microsoft Patches 3 0-Days & 24 RCEs
    Threat Intelligence

    Microsoft Patches 3 0-Days & 24 RCEs

    May 11, 2022  Microsoft Patches 3 0-Days & 24 RCEs As part of May’s monthly security rollup updates, Microsoft has patched 3 0-Days (1 actively exploited), and 24 remote code execution vulnerabilities.  Overall, Microsoft has patched 75 vulnerabilities across Windows, Windows Server, Hyper-V, Azure, Office and other products.  The Zero-Day Vulnerabilities CVE-2022-26904 (CVSS 3.1: 8.1, High Severity) –…

  • F5 Patches Critical BIG-IP Device Takeover Vulnerability
    Threat Intelligence

    F5 Patches Critical BIG-IP Device Takeover Vulnerability

    May 8, 2022  F5 Patches Critical BIG-IP Device Takeover Vulnerability  F5 has patched a critical vulnerability affecting BIG-IP devices that may lead to device takeover.   The Vulnerability CVE-2022-1388 (CVSS 3.1: 9.8, Critical) – Undisclosed requests may bypass iControl REST authentication. This may result in remote code execution and modification of files and services.  Affected Products…

  • Cisco Patches 2 NFVIS RCE Vulnerabilities
    Threat Intelligence

    Cisco Patches 2 NFVIS RCE Vulnerabilities

    May 8, 2022  Cisco Patches 2 NFVIS RCE Vulnerabilities Cisco has patched 2 NFV Infrastructure Software remote code execution vulnerabilities, one rated critical.  Cisco NFVIS is a Linux-based infrastructure software for deploying virtualized network functions (virtual router, firewall, WAN acceleration, etc.) on a supported Cisco appliance.  The Vulnerabilities CVE-2022-20777 (CVSS 3.1: 9.9, Critical) – A…

  • Atlassian Patches Critical Jira Authentication Bypass Vulnerability
    Threat Intelligence

    Atlassian Patches Critical Jira Authentication Bypass Vulnerability

    April 24, 2022  Atlassian Patches Critical Jira Authentication Bypass Vulnerability  Atlassian has issued a security advisory addressing a critical authentication bypass vulnerability affecting Jira and Jira Service Management (non-cloud versions).  Exploiting the vulnerability may lead to remote code execution on the affected system.  The Vulnerability CVE-2022-0540 (CVSS 3.1: 9.9, Critical) – A vulnerability in Jira…

  • Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild 
    Threat Intelligence

    Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild 

    April 17, 2022 Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild Following the update of Google Chrome, Microsoft has released an emergency update for Edge, addressing an actively exploited Zero-Day.  The updated version is 100.0.1185.44 for Windows, Mac, and Linux.  The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    April 17, 2022  Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day.  The updated version is 100.0.4896.127 for Windows, Mac and Linux.  The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8 JavaScript engine.  While type confusion vulnerabilities typically cause browser…