News & Resources

Dive into our resource hub and explore top cybersecurity
topics along with what we do and what we can do for you.

Blog | Sep 28, 2022

Flash Notice: FARGO Ransomware Attacking Microsoft SQL Servers

Vulnerable Microsoft SQL servers are currently being targeted by threat actors and infected with FARGO ransomware (aka Mallox & TargetCompany).

Learn More

Threat Report | Sep 27, 2022

An In-Depth Look at APT35 aka Charming Kitten

The Iranian advanced persistent threat actor and cyberespionage group, APT35, aka Charming Kitten or Phosphorus, has been making headlines since 2014.

Today, Inc. revealed that Avertium is #781 on its annual Inc. 5000 list, the most prestigious ranking of the fastest-growing private companies in America.

Learn More

Threat Report | Aug 9, 2022

An In-Depth Look at the APT, Evilnum

Learn More

Threat Report | Jul 27, 2022

Healthcare Ransomware Threats - MedusaLocker & Maui

FBI, CISA, + more recently issued joint warnings for Maui and MedusaLocker ransomware. Both are currently responsible for many cyber attacks in healthcare.

Learn More

Blog | Jul 14, 2022

Flash Notice: [CVE-2022-22047] Microsoft Zero-Day Actively Exploited, Impacting Server & Client Windows Platforms

A zero-day, local privilege escalation vulnerability was found in the latest Widows 11 & Windows Server 2022 releases. It's being tracked as CVE-2022-22047

Learn More

Blog | Jul 13, 2022

Flash Notice: New Ransomware Family, HavanaCrypt, Disguises Itself as Fake Google Update

Researchers at Trend Micro discovered a new ransomware family that’s being delivered as a fake Google software update - HavanaCrypt.

Learn More

Threat Report | Jul 12, 2022

An In-Depth Look at Ransomware Gang, LockBit 3.0

As of 3/2022, the ransomware gang, LockBit, has re-branded itself as LockBit 3.0. LockBit 3.0, also known as LockBit Black, is active and in the wild.

Learn More

News | Jul 11, 2022

Facing Ransomware, Healthcare Systems Can't Use 'Hope as a Strategy'

Chief Healthcare Executive - Cyberattacks have become an increasingly dangerous threat to hospitals. Healthcare systems must take action.

Learn More

Threat Report | Jul 6, 2022

An In-Depth Look at Chinese APT ToddyCat

ToddyCat is a new APT, has been active since December 2020, and has attacked several high-profile organizations within the government and military sectors.

Learn More

Blog | Jul 6, 2022

Flash Notice: [CVE-2022-2294] Google Chrome Zero-Day Vulnerability Exploited by Attackers

Over the July Fourth weekend, Google released a patch for a high-severity zero-day Chrome vulnerability (CVE-2022-2294) that's being exploited in the wild.

Learn More

Threat Report | Jun 28, 2022

How the Tables Have Turned - Russia vs. Ukraine Part Three

Over the past 5 months, things have changed. It appears that Russia and Ukraine are now on equal footing regarding the Russia vs. Ukraine cyber war.

Learn More

Blog | Jun 27, 2022

Flash Notice: [CVE-2022-29499] Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance

A ransomware attack was deployed against an unnamed mark using Mitel’s VoIP appliance as an entry point. CVE-2022-29499 is actively being used in the wild

Learn More

Threat Report | Jun 21, 2022

An In-Depth Look at Chinese APT, Aoqin Dragon

Active since 2013, the APT Aoqin Dragon flew under the radar for ten years before researchers at Sentinel Labs identified their activity.

Learn More

Threat Report | Jun 14, 2022

An In-Depth Look at the Data Extortion Group, Karakurt

This month, CISA issued a warning about a data extortion group called Karakurt. Let's take a detailed look at the group and their tactics.

This week, ESET researchers discovered three new cyber attacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper.

Learn More

Threat Report | Mar 1, 2022

Roaming Mantis, an Evolving Phishing Campaign

Roaming Mantis was first introduced in March 2018 and what started off as a banking trojan, has quickly evolved into much more.

Learn More

News | Feb 25, 2022

How to Prevent a Cyber Attack

During Patch Tuesday, Microsoft fixed a zero-day Windows vulnerability. However, the patch was bypassed and led to a new privilege elevation vulnerability named ‘InstallerFileTakeOver’.

Learn More

Blog | Nov 19, 2021

Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months

The FBI issued a notice yesterday warning that APT has been exploiting a zero-day vulnerability in FatPipe’s router clustering and load balancer products.

Learn More

Blog | Nov 19, 2021

Flash Notice - Emotet Botnet is Back with New Spam Campaigns

Last seen in January 2021, after law enforcement took them down, Emotet is back & is using TrickBot to install Emotet malware on infected Windows systems.

Learn More

Blog | Nov 17, 2021

Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices

A new botnet named BotenaGo has been seen in the wild targeting a number of IoT devices & routers. BotenaGo can exploit up to 30 different vulnerabilities.

Learn More

Threat Report | Nov 16, 2021

HIVE Ransomware: Everything You Need To Know (Attacks & Analysis)

Hive has a variety of techniques and tactics that are challenging for cyber security professionals to defend and mitigate. Learn more.

Learn More

Ebook | Nov 15, 2021

Creating a Business-First Incident Response Plan

Breaches are no longer a simple ransom to be paid. The ripple effect that follows an attack can leave a long-lasting impact if your company is not prepared.

Learn More

Threat Report | Nov 11, 2021

TIR-20211004 An In-Depth Look at Ransomware Gang, Conti

News | Sep 30, 2021

Avertium’s Paul Caiazzo Named “CISO of the Year” in 2021 CyberSecurity Breakthrough Awards Program

Chief Information Security Officer, Paul Caiazzo, has been named “CISO of the Year” in the fifth annual CyberSecurity Breakthrough Awards program.

Learn More

News | Sep 29, 2021

Avertium and Black Kite Announce Strategic Partnership in New Approach to Attack Surface Monitoring

Ebook | Sep 15, 2021

7 Metrics to Measure the Effectiveness of Your Security Operations

Avertium and LogRhythm explain metrics to measure the effectiveness of your security operations (SecOps) to detect and respond to cybersecurity events.

Learn More

Whitepaper | Sep 15, 2021

Budgeting for a Modern SIEM

Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth.

Guide | Sep 15, 2021

Essential Guide to HIPAA Compliance

A complete guide to help you understand HIPAA compliance and the HIPAA Privacy, Security and Breach Notification Rules.

Learn More

Whitepaper | Sep 15, 2021

HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence

Learn how to stay HIPAA compliant with the Privacy Rule and OCR Notifications of Enforcement Discretion during a COVID-19 pandemic outbreak re-occurrence.

Webinar | Sep 15, 2021

HIPAA Compliance in a Pandemic

Join the CEO of Avertium, Jeff Schmidt, for a discussion on the implications the pandemic has and will continue to have on HIPAA compliance.

Watch Now

Ebook | Sep 15, 2021

9 Steps to Manage Third-Party Information Security Risk

9 essential steps to managing third-party vendor risk that every information security professional can adopt for their organization.

Learn why XDR is more than technology in order to achieve a proactive and more mature security posture.

Webinar | Sep 15, 2021

Navigating Cybersecurity & Managing Data Breach Risks

Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model.

Watch Now

Webinar | Sep 15, 2021

5 Essential Steps to Creating a Relevant Incident Response Plan

Incident response templates are readily available online but how well do they work for your company's specific policies, procedures, and workflows?

Watch Now

Checklist | Sep 15, 2021

The Ultimate Incident Response Plan Checklist

A cybersecurity incident response plan for a data breach takes thoughtful planning. Learn what's needed with this incident response (IR) planning checklist.

Learn More

Ebook | Sep 14, 2021

Leveraging Zero Trust Architecture to Contain & Combat Ransomware

Gain visibility on who's on your network by signing up to download our free eBook discussing how you can contain ransomware utilizing Zero Trust.

Learn More

Threat Report | Sep 14, 2021

TIR-20210913 TEAMTNT – “CHIMAERA” CRYPTOMINING MALWARE CAMPAIGN TARGETS SERVERS

TeamTNT released a new campaign known as "Chimaera" meant to cryptomine malware and is actively targeting several operating systems and applications.

Learn More

Blog | Sep 9, 2021

Lockbit 2.0 Ransomware: An In-Depth Look At Lockfile & LockBit

Emerging in July 2021, LockFile has compromised over 300 servers in an ongoing ransomware campaign. Learn more!

Learn More

Blog | Sep 9, 2021

Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability

A statement has been released by Microsoft warning users of a remote code execution vulnerability in Office 365 and Office 2019 on Windows 10.

Learn More

Blog | Aug 24, 2021

Threat Actor Profile – “BlackMatter” Ransomware

BlackMatter began making its presence known as a ransomware-as-a-service (RaaS) gang in 2021. Read more for indicators of compromise and our recommendations.

Learn More

Blog | Aug 18, 2021

Beware of Clever Email Phishing Campaigns

Phishing campaigns are a tried-and-true method for retrieving data, but certain email campaigns can be difficult to filter.

Learn More

Blog | Aug 13, 2021

Flash Notice – The PrintNightmare Continues

These disappointing developments coincide with reports of ransomware groups exploiting the PrintNightmare family of vulnerabilities in the wild.

Learn More

Blog | Aug 10, 2021

XDR: Tech Stack, Service, Process, or All Three?

What is eXtended Detection Response (XDR)? Is it a process, a tech stack, or a service? How does it differ from MDR and EDR?

Learn More

Blog | Aug 3, 2021

Microsoft Exchange Server Breach is Formally Attributed to China by the U.S

The extensive breach of Microsoft Exchange Server early this year has been formally attributed to China by the United States & several allies.

Learn More

Blog | Aug 3, 2021

President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do

The growing need for cybersecurity has brought onto a new executive order. Read more to learn about what this means and where it falls short.

Learn More

Blog | Jul 28, 2021

A Zero Trust Network Architecture (ZTNA) POV with Appgate

As Zero Trust becomes more relevant, Appgate x Avertium leads the way in accelerating the customer's Zero Trust journey.

Learn More

Blog | Jul 22, 2021

July 4th Post Mortem on PrintNightmare and REvil

The latest noteworthy exploit leveraged a vulnerability in Microsoft’s Print Spooler Service to target IT Solutions company, Kaseya.

Learn More

Blog | Jul 16, 2021

Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products

SonicWall has released an urgent security bulletin to their customers using unpatched, end-of-life Secure Mobile Access 100 series and Secure Remote Access products.

Learn More

Blog | Jul 7, 2021

Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment

Learn More

Threat Report | Jun 8, 2021

Cyber Espionage & Data Exfiltration attack results from 3-year old backdoor

This report is an overview of live espionage and data exfiltration resulting from a previously unknown backdoor that flew under the radar for over 3 years.

Learn More

Threat Report | Jun 2, 2021

New NOBELIUM Campaign focuses on phishing

This report is about a new malware campaign by a foreign adversarial nation-state threat actor recently being referred to as NOBELIUM.

Learn More

Blog | May 26, 2021

Flash Notice: VMware discloses critical vCenter server vulnerabilities

On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0.

Learn More

Blog | May 26, 2021

Examining the relationship between Vulnerability Announcements & the increase in attacks until mitigated

This report discusses the relationship between the time a new vulnerability is announced & the increase in attacks against it until patched.

Learn More

Blog | May 21, 2021

You're Secure - But are Your Vendors? Assessing Third Party Risk

With 3rd Party Risk in Cybersecurity, security teams can focus on more than just what to do AFTER an attack happens - remediation and containment.

Learn More

Blog | May 18, 2021

Malware Campaign utilizes Microsoft Executable MSBuild

This report is about a malware campaign using a well-known Microsoft executable called MSBuild to propagate in a file-less manner.

Learn More

Blog | May 18, 2021

Avertium Named Winner in the Coveted Global InfoSec Awards 2021

Avertium Wins “Next-Gen in Managed Security Service Provider (MSSP)” In 9th Annual Global InfoSec Awards at #RSAC 2021

Learn More

Blog | May 14, 2021

FiveHands Ransomware Overview

This report is an overview of the FiveHands Ransomware variant that successfully attacked an organization (CISA release date May 6, 2021).

As we move into 2021, ransomware attacks continue to rise and are increasingly executed through Ransomware as a Service (RaaS) gangs. Learn more.

Learn More

Threat Report | Apr 20, 2021

Clop Ransomware (TIR-20210419)

This report discusses Clop ransomware; it was discovered in February of 2019 and a recent increase in Clop attacks has been noticed by cybersecurity researchers.

Learn More

Blog | Apr 13, 2021

Phishing Campaign targets the Medical Research community

This report is about a well-known threat targeting the medical research community in both the United States and Israel.

Learn More

Blog | Apr 8, 2021

Does CMMC Immunize You to Ransomware?

Does CMMC immunize you to ransomware? Let's find out and discuss not only the requirement but also some of the perceived benefits of implementing such a framework.

Learn More

Blog | Apr 7, 2021

Two Vulnerabilities affect FireEye EX 3500

This report is about two vulnerabilities affecting FireEye EX 3500. The vulnerabilities are identified as CVE-2021-28970 and CVE-2021-28969.

Learn More

Threat Report | Mar 30, 2021

On March 2, 2021, Microsoft released a series of emergency security patches for Exchange Server 2019, 2016, 2013, and 2010 in order to combat several vulnerabilities.

Learn More

Blog | Mar 9, 2021

Growing Cybersecurity Company announces Chief Revenue Officer to Support Expansion

Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO).

Learn More

Blog | Mar 8, 2021

DarkSide Ransomware Overview

DarkSide ransomware is a Ransomware-as-a-Service (RaaS), primarily targeting Windows systems with the ability to target Linux OS variants.

Learn More

Threat Report | Mar 1, 2021

Threat Report: New Variant of MassLogger Trojan Malware targets Microsoft Outlook & Google Chrome

This report is about recent malware campaigns utilizing the MassLogger trojan (written in . NET) that is targeting popular applications.

Learn More

Blog | Feb 22, 2021

New Phishing Campaign uses Morse Code to avoid detection

This report is about a new phishing campaign that uses a unique method of obfuscation to avoid detection by traditional security appliances.

Learn More

Blog | Feb 15, 2021

Severe Windows Vulnerabilities impact Windows Client & Server OS Versions 7 and Above

This report is about three high severity Windows TCP/IP vulnerabilities tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086.

Learn More

Threat Report | Feb 9, 2021

Vovalex Ransomware (TIR-20210207)

Vovalex ransomware is the first ransomware written in D language and the first to be distributed through pirated software that masquerades as legitimate software such as various Windows utilities.

This threat report is about the multiple Dell Wyse ThinOS vulnerabilities, the techniques, tactics and procedures and how to remediate them.

Learn More

Blog | Dec 28, 2020

What is Mobile App Testing?

What is Mobile App Testing? Cybersecurity specialists utilize an assortment of tests and techniques to screen for vulnerabilities in order to evaluate the security of a mobile app.

Learn More

Threat Report | Dec 24, 2020

Threat Report: SunBurst Backdoor and Malware Campaign

This report is about the recently disclosed SunBurst backdoor and the related malware campaign.

Learn More

Threat Report | Dec 18, 2020

Threat Report: SolarWinds Orion Compromise Guidance

This report outlines the TTPs of the SolarWinds Orion compromise and recommended steps to identiy and mitigate known exposure.

This report describes the tactics, techniques, and procedures for backdoor malware with shell capability and targets content management systems.

Learn More

Threat Report | Oct 12, 2020

Content Management System malware attack drops Backdoor Shell

Learn More

Blog | Jul 27, 2020

SIGRed "Wormable" DNS Server vulnerability is critical to address

SIGRed, assigned as "wormable" DNS Server vulnerability may allow malicious actor Domain Administrator rights with devastating financial impact.

Learn More

Blog | Jul 20, 2020

Zoom Client for Windows Vulnerability recently discovered

Threat report about a newly discovered Zoom Client for Windows vulnerability that allows a remote attacker to execute arbitrary code on a victim’s computer.

Learn More

Blog | Jul 17, 2020

Why Root Cause Analysis is Crucial to Incident Response (IR)

Performing incident response root cause analysis can help your organization identify outlying factors that may have contributed to a data breach. Read more.

Learn More

Blog | Jul 15, 2020

How to write a Business Continuity Plan to fit your enterprise

How to write a business continuity plan to fit your business, including primary goals, what a BCP includes, and business continuity planning steps.

Learn More

Blog | Jul 15, 2020

Avertium adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Avertium Adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards

Learn More

Blog | Jul 13, 2020

Citrix Vulnerabilities: NetScaler ADC, NetScaler Gateway and SD-WAN WANOP

This threat report is about a series of Citrix vulnerabilities within Citrix ADC (NetScaler ADC), Gateway (NetScaler Gateway), and SD-WAN WANOP.

Learn More

Blog | Jul 9, 2020

Why Patch Management is Important for Cyber Security

This post explains strong patch management importance in cyber security, best practices, and how to implement a program that manages risk.

Learn More

Blog | Jul 7, 2020

What's New in HITRUST CSF Version 9.4 CMMC and NIST Mapping

Learn about the added HITRUST CMMC and NIST mapping aspects of this recently released HITRUST CSF version 9.4.

Learn More

Blog | Jul 6, 2020

Palo Alto PAN-OS Vulnerability with CVSS score of 10 issued

This threat report is about CVE-2020-2021, a newly discovered critical vulnerability in the Palo Alto PAN-OS and carries a CVSS score of 10.

Learn More

Blog | Jun 30, 2020

Am I ready for a PCI ROC?

This post answers PCI Report on Compliance (ROC) questions, help you determine if you're ready, and gives tips for doing a PCI readiness assessment.

Learn More

Blog | Jun 29, 2020

Cisco Webex Meetings Desktop App Vulnerability

This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263 with Cisco updates to remediate.

Learn More

Blog | Jun 25, 2020

Cloud Security Using Defense in Depth

Learn the argument for defense cloud security, the challenges of implementing cloud cybersecurity, and how to protect your cloud environment. Read the blog.

Learn More

Blog | Jun 25, 2020

First HIPAA Risk Assessment? Here's how to be prepared

This article provides an introduction to HIPAA risk analysis and four things to remember when preparing for your first HIPAA risk assessment.

Learn More

Blog | Jun 23, 2020

Ransomware Prevention to Incident Response

Blog | May 12, 2020

Newly discovered SolarWinds MSP Vulnerability presents nation-state threat

This threat report is about a recently discovered SolarWinds MSP patch management engine (PME) vulnerability called CVE-2020-12608.

Learn More

Blog | May 12, 2020

Using MITRE ATT&CK Framework for Beyond-Checkbox Cybersecurity

Using the MITRE ATT&CK framework helps cybersecurity teams get insight into the tactics, techniques, and procedures adversaries use to compromise networks.

Learn More

Blog | May 7, 2020

4 Security precautions before reintroducing devices to the network

During the transition back to office environments, organizations should take these four security precautions before reintroducing devices to the network.

Learn More

Blog | May 6, 2020

Achieve Secure Cloud Adoption using HITRUST

We explain how using HITRUST to achieve secure cloud adoption helps assign responsibility for security controls between businesses and third-party vendors.

Learn More

Blog | May 5, 2020

3 things for HIPAA Compliance when returning to normal operations

Here are things your workers responsible for protecting the privacy of PHI at all times should do for HIPAA compliance when returning to normal operations.

Learn More

Blog | May 4, 2020

VMWare ESXI Vulnerability Allows Malicious Code Injection

Learn about CVE-2020-3955, a VMWare ESXI vulnerability caused by the improper validation of user-supplied inputs, and what to do to protect your business.

Learn More

Blog | Apr 30, 2020

Complying with HIPAA Encryption Standards: What you need to know

Successfully complying with HIPAA encryption standards to protect ePHI is expected by HHS. Learn what you need to do to be HIPAA compliant.

CISO advice for ensuring your managed security service provider is protecting you and themselves by adhering to a cybersecurity gold standard.

Learn More

Blog | Apr 16, 2020

Community Bank Cybersecurity during COVID-19

Community bank cybersecurity has become even more difficult during COVID-19 due to the shift to a remote workforce and increased phishing scams. Learn more.

Learn More

Blog | Apr 14, 2020

How to protect workers from increased phishing attacks during COVID-19

Protect your workers from increased phishing attacks during COVID-19 by teaching them phishing scam indicators, creating a safe reporting culture, and more.

Learn More

Blog | Apr 13, 2020

CVE-2020-3952 VMWare vCenter Software Vulnerability

This report is about the CVE-2020-3952 VMWare vCenter software vulnerability caused by improper access controls affecting the VMware Directory Service.

Learn More

Blog | Apr 8, 2020

AT&T Cybersecurity names Avertium 2019 North American Partner of the Year

Avertium is named AT&T Cybersecurity's 2019 North American Partner of the Year. The award recognizes Avertium for outstanding growth in North America.

Learn More

Threat Report | Feb 3, 2020

Ragnorak and Eternal Blue Exploit CVE-2019-19781

This report is about a ransomware campaign that utilizes Ragnorak and Eternal blue to exploit the heavily reported vulnerability CVE-2019-19781.

Learn More

Threat Report | Dec 5, 2019

Dexphot Polymorphic Malware

Report on Dexphot polymorphic malware whose campaign is to crytomine but deploys a sophisticated approach that makes detection and deploying countermeasures difficult.

Learn More

Threat Report | Nov 26, 2019

Firefox Vulnerability and Fake Tech support page scammers

A report in the Firefox vulnerability and the fake technical support page scam that attempts to steal credentials with our recommended countermeasures.

Learn More

News & Resources

SUBSCRIBE

Flash Notice: FARGO Ransomware Attacking Microsoft SQL Servers

An In-Depth Look at APT35 aka Charming Kitten

Flash Notice: Update #2 - Critical Confluence Zero-Day Vulnerability Still Under Active Exploitation

Everything You Need to Know About Callback Phishing

Flash Notice: Windows Privilege Escalation Zero-Day

Flash Notice: Apple Fixes 8th Zero-Day Vulnerability

The Top 5 Cyber Threats in the Energy Sector

An In-Depth Look at the Emotet Botnet

Flash Notice: Google Patches Chrome Zero-Day

Avertium announces new Detection-as-Code Content Packs in Fusion MXDR by leveraging SnapAttack

North Korea is the Threat

To CMMC & Beyond: What You can do Today to Prepare for CMMC Tomorrow

Flash Notice: Palo Alto Network Firewall Bug Actively Exploited

When Cybercriminal Gangs Go Dark - Avaddon, AstraLocker & Conti

Flash Notice: UPDATE - Apple Releases Security for Zero-Day Vulnerabilities Exploited by Attackers

Flash Notice: Zeppelin Ransomware Targets Healthcare

Flash Notice: [CVE-2022-2856] New Google Chrome Zero-Day Exploited by Attackers

Avertium Ranks No. 781 on the 2022 Inc. 5000 Annual List of America's Fastest-Growing Private Companies

An In-Depth Look at Quantum Ransomware

An In-Depth Look at the APT, Evilnum

Ransomware Lifecycle Attack

Avertium Recognized on the CRN Fast Growth 150 List for 2022

The Art + Science of Pre-Crime Threat Hunting

Flash Notice: Large Scale Phishing Attack Targeting Microsoft Email Servers

How healthcare organizations can stay safe from API vulnerabilities

Flash Notice: Atlassian Confluence Critical Hardcoded Password Vulnerability Under Active Exploitation

Healthcare Ransomware Threats - MedusaLocker & Maui

Everything You Need to Know About the APT, Fancy Bear

Flash Notice: [CVE-2022-22047] Microsoft Zero-Day Actively Exploited, Impacting Server & Client Windows Platforms

Flash Notice: New Ransomware Family, HavanaCrypt, Disguises Itself as Fake Google Update

An In-Depth Look at Ransomware Gang, LockBit 3.0

Facing Ransomware, Healthcare Systems Can't Use 'Hope as a Strategy'

An In-Depth Look at Chinese APT ToddyCat

Flash Notice: [CVE-2022-2294] Google Chrome Zero-Day Vulnerability Exploited by Attackers

How the Tables Have Turned - Russia vs. Ukraine Part Three

Flash Notice: [CVE-2022-29499] Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance

An In-Depth Look at Chinese APT, Aoqin Dragon

An In-Depth Look at the Data Extortion Group, Karakurt

The Top 5 Cyber Threats Within the Education Sector

Avertium Named Winner of Coveted Global InfoSec Awards During RSA Conference 2022

Flash Notice: Critical Confluence Zero-Day Vulnerability Exploited by Attackers

An In-Depth Look at Black Basta Ransomware

Flash Notice: "Follina" a Microsoft Office Zero-Day RCE Vulnerability

An In-Depth Look at AvosLocker Ransomware

Flash Notice: VMWare Vulnerabilities Found in Multiple Products

How Your Third Parties are Making You Uninsurable

How Did We Get Here? The Past, Present, and Future of Supply Chain Risk

Flash Notice: [CVE-2022-1040] Critical Sophos Firewall RCE Vulnerability

API Attacks & Best Practices

The Top 5 Cyber Threats Within the Manufacturing Industry

Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems

Ragnar Locker Ransomware: Everything You Need To Know (Attacks & Analysis)

How is the U.S. government preparing for critical infrastructure attacks?

Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager

Lapsus$: An In-Depth Look at Data Extortion Group

Russia vs. Ukraine Part Two

What's Quantum Computing Got to do With It?

An In-Depth Look at Iranian APT "MuddyWater"

An In-Depth Look at Pandora Ransomware

Flash Notice: [CVE-2022-22965] Critical Zero-Day RCE Vulnerability Found in VMware's Spring Framework

How to Detect Ransomware: Best Practices for Avoiding Malware Attacks

Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability

Remain Vigilant: Log4Shell Still Being Exploited

2022 Ransomware Trends

Flash Notice: Authentication Company, Okta, Breached by Lapsus$

How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals

An In-depth Look at Conti's Leaked Log Chats

Not all Penetration Tests are Created Equal: Tools for Effective Pen Testing

CaddyWiper Malware Vs RURansom Wiper (The Cyber War Continues)

Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services

An In-depth Look at the Kraken Botnet

"Bronze Mohawk" & Cyber Espionage

2022 Cybersecurity Predictions

Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine

Roaming Mantis, an Evolving Phishing Campaign

How to Prevent a Cyber Attack

Federal Agencies Warn of Cyber Threats After Russia Sanctions

Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions