Fortinet Users Beware: New RCE Vulnerabilities Disclosed
A recent vulnerability in FortiOS and FortiProxy that allows unwarranted access and remote code execution (RCE) has been patched by Fortinet. RCE enables attackers to bypass security features on your devices (firewall in this case). This directly leads to your corporate network becoming compromised, and lets attackers perform lateral movement in the network and perform […]
Ivanti Exploited: Third Zero-Day Vulnerability Uncovered (CVE-2024-21893)
A new Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability has come under exploitation. This vulnerability (tracked as CVE-2024-21893) was first documented in a patch released on Jan 31. Exploitation of CVE-2024-21893 enables malicious actors to bypass authentication and access restricted files in the organization. Ivanti Users beware! For new users, […]
TeamViewer Exploited to Breach Vulnerable Networks and Deploy Ransomware
TeamViewer users: beware. Ransomware actors have been abusing the tool to worm their way into organization endpoints. Their goal: to deploy encryptors derived from the leaked LockBit ransomware builder. TeamViewer is a widely used remote access tool prized for its ease-of-use and potential as a productivity tool, supplementing remote and hybrid work arrangements around the […]
A Beginners Guide to Managed Cloud Backup Services
In an era where data forms the backbone of modern businesses, the importance of robust data management strategies cannot be overstated. The increasing reliance that most organizations contend with on digital assets increases their attack surface and vulnerability of data, especially to loss, corruption, or ransomware. This poses a significant threat to business continuity. In […]
Fortifying Your Digital Defence: The Importance of Multi-Factor Authentication
Protecting Your Business As cyber threats continue to evolve, so do an organization’s security measures. Multi-Factor Authentication (MFA) has quickly become a staple for businesses in keeping their employees and assets safe. With ransomware incidents and vulnerabilities being exploited, MFA is an essential part of a cybersecurity toolkit. What is Multi-Factor Authentication, and Why is it Essential? Multi-Factor […]
New Phishing Method Discovered in Recent Cyber Attacks | Don’t Get Hooked!
The rapid advancements in technology have greatly contributed to the remarkable progress of human civilization, offering countless modern conveniences. However, as technology continues to evolve, it opens doors for individuals with malicious intent to constantly seek new avenues for exploitation. Unfortunately, one such method employed by these individuals is phishing through email spam. A Dangerous […]
Cybersecurity Alert! Critical Vulnerabilities Found on Microsoft’s Outlook, Windows and Other Products
According to a recent article by Tenable, Microsoft patched 76 CVEs in its March 2023 Patch Tuesday release. Among these 76 CVEs, three critical CVEs with a common vulnerability scoring system (CVSS) score of 9.8/10 (Highly Critical) were found. “CVE-2023-23397”, one of the three critical CVEs, allows a hacker to “gain control” of a user’s computer […]
Top 9 Password-Creating Tips That Will Change Your Life | Password Security
Whether we notice it or not, password security has become a vital part of our modern lives. We use passwords to protect things that are important to us such as our phones, computers, and even our money. So, it is only right for us to take the necessary steps required to ensure we create passwords […]
Reducing Risks of Computer Virus Attacks in Hybrid Work Environments
The era of a hybrid work environment is here, and there is no turning back. The increased flexibility and other benefits come with a price–one that we can still afford to pay. From malwares, virus attacks, to system hacks, there are ways that we can reduce the risks and keep our computers safe and secure. […]
Cybersecurity Threat: “Follina Vulnerability” Explained
On 27th May 2022, a remote code execution (RCE) vulnerability identified as CVE-2022-30190 was uncovered in the Microsoft Support Diagnostic Tool (MSDT). This vulnerability is better known as the “Follina” zero-day vulnerability. According to Microsoft, “An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then […]