Flash Notice: VMware Discloses Critical vCenter Server Vulnerabilities – PATCH IMMEDIATELY 

Need to Report an Incident? Call +1 (877) 707-7997

Cybersecurity at scale without complexity at scale

CYBERSECURITY AT SCALE, WITHOUT COMPLEXITY AT SCALE.

We are the human element delivering every facet of cybersecurity services – cloud, data, network, endpoints – with more rigor, more relevance and more responsiveness. Over 2,500 organizations rely on the Avertium team to simplify, scale and level-up their security posture.

 

Avertium. Show No Weakness™

STRATEGIC ASSESSMENT & ADVISORY SERVICES

Comprehensive portfolio of cybersecurity consulting services from actionable risk assessments to pen testing, cyber augmentation services to digital forensics and incident response.

MANAGED SECURITY SERVICES

XDR approach to managed security services with MDR, EDR, Managed Vulnerability Management and Managed Zero Trust Networking to address complex hybrid cloud environments, device proliferation and advanced threat landscape.

GOVERNANCE & COMPLIANCE

Deep bench of certified professionals to guide and help navigate the complex compliance and data privacy landscape including gap analysis and remediation services. [PCI DSS, HIPAA, HITRUST, SOC 1-3, NIST and more].

What people say.

LATEST THREAT REPORTS

Cyber Espionage & Data Exfiltration Attack Results from 3-Year Old Backdoor

Executive Summary This report is an overview of live espionage and data exfiltration resulting from a previously unknown backdoor that flew under the radar for over 3 years. The weapon? Spear phishing with official-looking documents targeting government employees. The target? A Southeast Asian government. There is medium-to-high-confidence that the Chinese APT

New NOBELIUM Campaign Focuses on Phishing

Executive Summary This report is about a new malware campaign by a foreign adversarial nation-state threat actor recently being referred to as NOBELIUM. The threat actor has gained prominence for its involvement in the SolarWinds supply chain attack. This new campaign focuses on phishing using a sophisticated toolset. Tactics, Techniques, and

Flash Notice: VMware Discloses Critical vCenter Server Vulnerabilities – PATCH IMMEDIATELY

Overview Details: On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0. These vulnerabilities could allow a malicious actor to gain access to vCenter by exploiting the vSAN plugin, even if vSAN is not currently in use. VMware has also made improvements to

Examining the Relationship Between Vulnerability Announcements & the Increase in Attacks Until Mitigated

Overview of TIR-20210524 This report discusses the relationship between the time a new vulnerability is announced and the increase in observed attacks against the vulnerability until it can be patched. The public-facing internet attack surface of many businesses has expanded dramatically in recent years due to the decreasing cost of cloud-computing