Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Microsoft Patches 3 0-Days & 24 RCEs
May 11, 2022 Microsoft Patches 3 0-Days & 24 RCEs As part of May’s monthly security rollup updates, Microsoft has patched 3 0-Days (1 actively exploited), and 24 remote code execution vulnerabilities. Overall, Microsoft has patched 75 vulnerabilities across Windows, Windows Server, Hyper-V, Azure, Office and other products. The Zero-Day Vulnerabilities CVE-2022-26904 (CVSS 3.1: 8.1, High Severity) –…
-
Threat Intelligence
F5 Patches Critical BIG-IP Device Takeover Vulnerability
May 8, 2022 F5 Patches Critical BIG-IP Device Takeover Vulnerability F5 has patched a critical vulnerability affecting BIG-IP devices that may lead to device takeover. The Vulnerability CVE-2022-1388 (CVSS 3.1: 9.8, Critical) – Undisclosed requests may bypass iControl REST authentication. This may result in remote code execution and modification of files and services. Affected Products…
-
Threat Intelligence
Cisco Patches 2 NFVIS RCE Vulnerabilities
May 8, 2022 Cisco Patches 2 NFVIS RCE Vulnerabilities Cisco has patched 2 NFV Infrastructure Software remote code execution vulnerabilities, one rated critical. Cisco NFVIS is a Linux-based infrastructure software for deploying virtualized network functions (virtual router, firewall, WAN acceleration, etc.) on a supported Cisco appliance. The Vulnerabilities CVE-2022-20777 (CVSS 3.1: 9.9, Critical) – A…
-
Threat Intelligence
Atlassian Patches Critical Jira Authentication Bypass Vulnerability
April 24, 2022 Atlassian Patches Critical Jira Authentication Bypass Vulnerability Atlassian has issued a security advisory addressing a critical authentication bypass vulnerability affecting Jira and Jira Service Management (non-cloud versions). Exploiting the vulnerability may lead to remote code execution on the affected system. The Vulnerability CVE-2022-0540 (CVSS 3.1: 9.9, Critical) – A vulnerability in Jira…
-
Threat Intelligence
Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild
April 17, 2022 Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild Following the update of Google Chrome, Microsoft has released an emergency update for Edge, addressing an actively exploited Zero-Day. The updated version is 100.0.1185.44 for Windows, Mac, and Linux. The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
April 17, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day. The updated version is 100.0.4896.127 for Windows, Mac and Linux. The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8 JavaScript engine. While type confusion vulnerabilities typically cause browser…
-
Guides & E-books
Hacker Simulation and Strategic Monitoring
Hacker Simulators are tools and exercises that help businesses understand and improve their security posture by evaluating the effectiveness of their cybersecurity.
-
Guides & E-books
Cybersecurity and Data Protection Laws: European Financial Services Firms
Financial services firms’ exact data protection and cybersecurity obligations may vary according to where in Europe there are based and what services they provide
-
Guides & E-books
How to Choose Cyber Security Tools That Won’t Get You Fired
Prepare for the never-ending uphill battle every security leader faces with an overview of the types of security tools on the market and how to decide which are best for your needs.
-
Guides & E-books
Questions to Ask Your Incident Response Provider
Incident response (IR) is critical to mitigating the fallout from a data breach. If your business uses a managed SOC provider for its cybersecurity, then incident response must be included in your package.
-
Guides & E-books
Ransomware Explained (Part 2): What is it and how to prevent it
Ransomware attacks are all too common in the cyber world. As such, understanding what they are is critical, and can be found here.
-
Guides & E-books
Ransomware Explained (Part 1): What is it and how to prevent it
Ransomware is essentially malware that uses encryption to hold a victim’s data at ransom.
-
Threat Intelligence
Microsoft Patches 3 0-Days & 24 RCEs
May 11, 2022 Microsoft Patches 3 0-Days & 24 RCEs As part of May’s monthly security rollup updates, Microsoft has patched 3 0-Days (1 actively exploited), and 24 remote code execution vulnerabilities. Overall, Microsoft has patched 75 vulnerabilities across Windows, Windows Server, Hyper-V, Azure, Office and other products. The Zero-Day Vulnerabilities CVE-2022-26904 (CVSS 3.1: 8.1, High Severity) –…
-
Threat Intelligence
F5 Patches Critical BIG-IP Device Takeover Vulnerability
May 8, 2022 F5 Patches Critical BIG-IP Device Takeover Vulnerability F5 has patched a critical vulnerability affecting BIG-IP devices that may lead to device takeover. The Vulnerability CVE-2022-1388 (CVSS 3.1: 9.8, Critical) – Undisclosed requests may bypass iControl REST authentication. This may result in remote code execution and modification of files and services. Affected Products…
-
Threat Intelligence
Cisco Patches 2 NFVIS RCE Vulnerabilities
May 8, 2022 Cisco Patches 2 NFVIS RCE Vulnerabilities Cisco has patched 2 NFV Infrastructure Software remote code execution vulnerabilities, one rated critical. Cisco NFVIS is a Linux-based infrastructure software for deploying virtualized network functions (virtual router, firewall, WAN acceleration, etc.) on a supported Cisco appliance. The Vulnerabilities CVE-2022-20777 (CVSS 3.1: 9.9, Critical) – A…
-
Threat Intelligence
Atlassian Patches Critical Jira Authentication Bypass Vulnerability
April 24, 2022 Atlassian Patches Critical Jira Authentication Bypass Vulnerability Atlassian has issued a security advisory addressing a critical authentication bypass vulnerability affecting Jira and Jira Service Management (non-cloud versions). Exploiting the vulnerability may lead to remote code execution on the affected system. The Vulnerability CVE-2022-0540 (CVSS 3.1: 9.9, Critical) – A vulnerability in Jira…
-
Threat Intelligence
Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild
April 17, 2022 Microsoft Patches Zero-Day Vulnerability in Edge browser Exploited in the Wild Following the update of Google Chrome, Microsoft has released an emergency update for Edge, addressing an actively exploited Zero-Day. The updated version is 100.0.1185.44 for Windows, Mac, and Linux. The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
April 17, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day. The updated version is 100.0.4896.127 for Windows, Mac and Linux. The Vulnerability CVE-2021-4102, High Severity – type confusion weakness in the Chrome V8 JavaScript engine. While type confusion vulnerabilities typically cause browser…