Avertium Blog (4)

Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems

A critical vulnerability (CVE-2022-1388) was found in F5’s BIG-IP systems last week and is now being exploited in the wild.

Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager

Threat actors are currently exploiting an RCE vulnerability due to a server-side template injection in VMware Workspace ONE Access and Identity Manager.

What's Quantum Computing Got to do With It?

Today, we still hear about quantum computing + how it will break the current encryption methods on which we depend to secure and store data. To understand this threat, we need to understand how our current methods work.

VMware's Spring Boot Vulnerabilitiy & Exploit [CVE-2022-22965]

A zero-day remote code execution (RCE) vulnerability (CVE-2022-22965) was found in VMware’s Spring Framework. Learn how to protect yourself.

How to Detect Ransomware: Best Practices for Avoiding Malware Attacks

The best defense against ransomware is by understanding how ransomware works and how to effectively use mechanisms that detect it early.

Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability

3/23/22 - Google was alerted about a dangerous zero-day vulnerability found in all Chromium based browsers. It's being tracked as CVE-2022-1096.

Flash Notice: Authentication Company, Okta, Breached by Lapsus$

Okta Inc., an authentication company used globally, is at the center of a potential data breach caused by the data extortion group, Lapsus$.

What Is Penetration Testing (Not All Pen Tests Are Created Equal)

The goal of a penetration test is to answer the question: Are we secured? Can we withstand social engineering or other attacks? Learn more!

CaddyWiper Malware Vs RURansom Wiper (The Cyber War Continues)

CaddyWiper, a data wiping malware, is targeting Ukrainian networks; while RURansom, which is also a wiper despite its name, is targeting Russian networks.

Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services

The FBI & CISA issued a statement this week warning companies that Russian state-sponsored threat actors gained access to an unnamed organization’s network

Prev 2 3 4 5 6 Next