Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Critical RCE Vulnerability in Linux Kernel
May 10, 2023 Critical RCE Vulnerability in Linux Kernel A novel Linux NetFilter kernel use-after-free vulnerability has been discovered, allows unprivileged local users to escalate their privileges to root level and perform code execution, and potentially total control over a machine. The Vulnerability CVE-2023-32233 – An use-after-free in Netfilter nf_tables when processing batch requests, allows…
-
Zyxel Patches a Critical RCE Vulnerability Affecting its Firewall Devices
April 30, 2023 Zyxel Patches a Critical RCE Vulnerability Affecting its Firewall Devices Zyxel has released a security advisory addressing a critical Remote Code Execution (RCE) vulnerability affecting its Firewall devices. Zyxel has also fixed several high-severity vulnerabilities in its firewalls that could result in denial-of-service (DoS), command execution, core dump, and encrypted information retrieval.…
-
Threat Intelligence
Service Location Protocol (SLP) Vulnerability Affecting Various Products
April 27, 2023 Service Location Protocol (SLP) Vulnerability Affecting Various Products Researchers discovered a new vulnerability in the Service Location Protocol (SLP). SLP is a protocol created to provide configuration for local area networks. Using SLP, a system registers itself with a directory agent, which makes its services available to other systems. Daemons providing SLP…
-
Threat Intelligence
INEA Patches Vulnerability in ME RTU
April 27, 2023 INEA Patches Vulnerability in ME RTU INEA issued a security advisory regarding OS Command Injection vulnerability in ME RTU (Remote Terminal Unit). The Critical Vulnerability CVE-2023-2131 (CVSS 3.1: 10, Critical) – OS Command Injection Vulnerability. Successful exploit of this vulnerability could allow a threat actor to remotely execute arbitrary code. Affected Products…
-
Threat Intelligence
Apache Superset Patches Vulnerability Caused by Insecure Default Configuration Exposes Servers to RCE
April 27, 2023 Apache Superset Patches Vulnerability Caused by Insecure Default Configuration Exposes Servers to RCE Apache Superset, which is an open source data visualization and exploration tool software, has been found vulnerable to authentication bypass and remote code execution due to usage of its default configurations. This allows attackers to potentially access and modify…
-
Threat Intelligence
VMware Patches Vulnerabilities in Workstation and Fusion Software
April 27, 2023 VMware Patches Vulnerabilities in Workstation and Fusion Software VMware issued a security advisory regarding four vulnerabilities affecting VMware Workstation and Fusion software, The critical one among them could allow a local attacker to carry out code execution. The Critical Vulnerability CVE-2023-20869 (CVSS 3.1: 9.3, Critical) – Stack-based buffer-overflow vulnerability. Successful exploit of…
-
Guides & E-books
How to Choose Cyber Security Tools That Won’t Get You Fired
Prepare for the never-ending uphill battle every security leader faces with an overview of the types of security tools on the market and how to decide which are best for your needs.
-
Guides & E-books
Questions to Ask Your Incident Response Provider
Incident response (IR) is critical to mitigating the fallout from a data breach. If your business uses a managed SOC provider for its cybersecurity, then incident response must be included in your package.
-
Guides & E-books
Ransomware Explained (Part 2): What is it and how to prevent it
Ransomware attacks are all too common in the cyber world. As such, understanding what they are is critical, and can be found here.
-
Guides & E-books
Ransomware Explained (Part 1): What is it and how to prevent it
Ransomware is essentially malware that uses encryption to hold a victim’s data at ransom.
-
Guides & E-books
How to Predict Attacks Using an Interactive SOC Platform in the Cloud
As threats increase, companies have to take a proactive, preventative approach to protect their data and livelihoods.
-
Guides & E-books
Will Your Endpoint Security Stand the Test During the Remote Working Revolution
Modern organizations use multiple connected devices to conduct their business, including intelligent printers, appliances, BYOD cellphones and tablets, and more
-
Threat Intelligence
Service Location Protocol (SLP) Vulnerability Affecting Various Products
April 27, 2023 Service Location Protocol (SLP) Vulnerability Affecting Various Products Researchers discovered a new vulnerability in the Service Location Protocol (SLP). SLP is a protocol created to provide configuration for local area networks. Using SLP, a system registers itself with a directory agent, which makes its services available to other systems. Daemons providing SLP…
-
Threat Intelligence
INEA Patches Vulnerability in ME RTU
April 27, 2023 INEA Patches Vulnerability in ME RTU INEA issued a security advisory regarding OS Command Injection vulnerability in ME RTU (Remote Terminal Unit). The Critical Vulnerability CVE-2023-2131 (CVSS 3.1: 10, Critical) – OS Command Injection Vulnerability. Successful exploit of this vulnerability could allow a threat actor to remotely execute arbitrary code. Affected Products…
-
Threat Intelligence
Apache Superset Patches Vulnerability Caused by Insecure Default Configuration Exposes Servers to RCE
April 27, 2023 Apache Superset Patches Vulnerability Caused by Insecure Default Configuration Exposes Servers to RCE Apache Superset, which is an open source data visualization and exploration tool software, has been found vulnerable to authentication bypass and remote code execution due to usage of its default configurations. This allows attackers to potentially access and modify…
-
Threat Intelligence
VMware Patches Vulnerabilities in Workstation and Fusion Software
April 27, 2023 VMware Patches Vulnerabilities in Workstation and Fusion Software VMware issued a security advisory regarding four vulnerabilities affecting VMware Workstation and Fusion software, The critical one among them could allow a local attacker to carry out code execution. The Critical Vulnerability CVE-2023-20869 (CVSS 3.1: 9.3, Critical) – Stack-based buffer-overflow vulnerability. Successful exploit of…
-
Threat Intelligence
Microsoft Patches Zero-Day Privilege Escalation Vulnerability in Windows
April 27, 2023 Microsoft Patches Zero-Day Privilege Escalation Vulnerability in Windows Microsoft has patched a zero-day privilege escalation vulnerability in win32kfull driver, which caused by a failure to validate an object’s existence before performing operations on it. The Critical Vulnerability CVE-2022-24542 (CVSS 3.1: 8.8, High) – Privilege Escalation Vulnerability. Successful exploit of this vulnerability allows a…
-
Threat Intelligence
Drupal Patches Critical Access Bypass Vulnerability
April 25, 2023 Drupal Patches Critical Access Bypass Vulnerability Drupal Core releases security advisory to address vulnerability affecting multiple Drupal versions. In some circumstances, the file download facility doesn’t sufficiently sanitize file paths. Users might gain access to private files that they should not have access to. The Vulnerability SA-CORE-2023-005 – Bypass Vulnerability. Successful exploit…
Cybersecurity Solution Comparison Guide for SMBs
With nearly half of all cyberattacks targeting small businesses, choosing the right cybersecurity solution has never been more important. Use this guide to compare enterprise-grade cybersecurity solutions that are for an SMB.
