Blog | Mar 23, 2023 Everything You Need to Know About HIPAA Compliance Find information on HIPAA compliance + regulatory standards, frequently asked questions, and more with Avertium to stay prepared. Learn More
Blog | Mar 23, 2023 Threat Hunting Recognized by NIST as an Official Cybersecurity Discipline The NIST RA-10: Threat Hunting highlights the need for threat hunting as a component of a robust and maturing cybersecurity program for all company sizes. Learn More
Threat Report | Mar 21, 2023 Government & Law Enforcement Crack Down On Cybercrime Over the past 2 years, large ransomware groups like HIVE ransomware have been dismantled by law enforcement after several months or years of investigation. Learn More
Blog | Mar 17, 2023 Strengthening Cybersecurity: HITRUST CSF v11 2023 Updates HITRUST CSF v11 updates make it easier for organizations to use previous assessments to upgrade to higher levels of HITRUST assurance with less effort. Learn More
Threat Report | Mar 16, 2023 Flash Notice: Critical Outlook Vulnerability for Windows is Easy to Exploit A critical vulnerability (CVE-2023-23397) was found in Microsoft Outlook for Windows that could allow an attacker to remotely steal hashed passwords. Learn More
Threat Report | Mar 16, 2023 Compromising a Network Through Active Directory Certificate Services Let’s look at how ADCS misconfigurations can be used to elevate privileges & why it’s important for businesses to assess those potential misconfigurations. Learn More
Threat Report | Mar 15, 2023 Flash Notice: Fortinet FortiOS Vulnerability Exploited by Attackers This week, an unknown threat actor began exploiting a FortiOS vulnerability (CVE-2022-41328) that was patched this month. Learn More
Threat Report | Mar 13, 2023 Flash Notice: Critical Fortinet Vulnerability Impacts FortiOS and FortiProxy A critical vulnerability was found in Fortinet devices running FortiOS and FortiProxy. The vulnerability is tracked as CVE-2023-25610 and has a CVSS score Learn More
Threat Report | Mar 13, 2023 Flash Notice: High Severity Vulnerability Found in Veeam Backup and Replication A high-severity vulnerability has been discovered in Veeam Backup and Replication software, which supports virtual machines running on Hyper-V Learn More
News | Mar 8, 2023 Hackers Behind Oakland Ransomware Attack Dump Data on City Employees PC Mag -- The Play ransomware group publishes links to a 10GB database containing confidential information on numerous city employees. Learn More
Threat Report | Mar 7, 2023 2023 Ransomware Group Trends In this Threat Intelligence Report, we look at this year’s ransomware group trends and what we can expect from the threat actors as we move forward. Learn More
Threat Report | Mar 6, 2023 Flash Notice: Patch Immediately - PoC Exploit Publicly Available for Microsoft Word RCE Vulnerability A proof-of-concept (PoC) exploit for CVE-2023-21716, a severe RCE vulnerability found in Microsoft Word, is now accessible to the public. Learn More
Threat Report | Mar 3, 2023 Flash Notice: Cisco IP Phone Vulnerabilities Cisco has released security updates for vulnerabilities impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. Learn More
News | Mar 2, 2023 Security Concerns Continue Surrounding Tik Tok WATE News -- Mike Wilkinson, director of digital forensics and incident response at Avertium explains whether these security concerns are valid or not. Learn More
Blog | Mar 2, 2023 Securing the Customer Channel: 2 Critical Things for Retailers to Know Explore the challenges retailers face and take a look at 2 critical factors retailers must know to protect the customer channel and build trust with them. Learn More
Threat Report | Mar 1, 2023 Moving Beyond Email - Alternative Vehicles for Social Engineering Although email remains a common vehicle for social engineering attacks, threat actors have been utilizing other means to manipulate their targets. Learn More
Threat Report | Mar 1, 2023 Cyber Threats Unveiled: SSH Scanning and XorDDos Propagation This report discusses the apparently automated approach used by a threat actor to identify vulnerable hosts, install the XorDDoS bot, & launch DDoS attacks Learn More
Threat Report | Feb 21, 2023 A Closer Look at QakBot Last week, Avertium's Cyber Threat Intelligence team published a Flash Notice regarding QakBot and its distribution of malware - let's take a closer look. Learn More
Threat Report | Feb 21, 2023 Flash Notice: Four Vulnerabilities Found in Cisco Security Products Two vulnerabilities were found in the Cisco ClamAV scanning library – an open-source cross-platform antimalware toolkit. Learn More
News | Feb 21, 2023 Avertium Recognized on CRN's 2023 MSP 500 List Avertium Ranks in Security Top 100 for Seventh Consecutive Year. Learn More
News | Feb 20, 2023 The Top Three Cyber Threats Defined in Manufacturing SME.com -- Staying on top of cyber threats is a critical step for manufacturers to establish resiliency and business continuity. Learn More
Threat Report | Feb 20, 2023 Flash Notice: Critical Vulnerabilities Found in FortiNAC and FortiWeb Fortinet released security updates for two critical vulnerabilities (CVE-2022-39952 and CVE-2022-42756) found in FortiNAC and FortiWeb products. Learn More
Threat Report | Feb 16, 2023 TIR-20230213 Threat Actors, Car Systems, and Weak API Security An API is typically behind any interaction between a vehicle and its user. The discovered vulnerabilities affected well-known brands such as Toyota, Mercedes, Porsche, Ferrari, and others. Learn More
Threat Report | Feb 16, 2023 Flash Notice: Microsoft Patches Three Zero-Day Vulnerabilities This week, Microsoft patched 3 zero-day vulnerabilities (CVE-2023-21715, CVE-2023-21823, & CVE-2023-23376) that are currently being exploited by attackers. Learn More
Threat Report | Feb 15, 2023 Flash Notice: Apple Patches Two Vulnerabilities, Including a Zero-Day In response to attacks aimed at hacking iPhones, iPads, & Macs, Apple issued urgent security updates that address two vulnerabilities - one a zero-day. Learn More
Threat Report | Feb 10, 2023 Flash Notice: Beware - QakBot Group Infects Microsoft's OneNote with QakNote Malware The group TA577 or QakBot has been distributing malware to infect systems via OneNote files since January 31, 2023, with a spike in attacks just this week. Learn More
News | Feb 10, 2023 A Warning to Employers: Callback Phishing is on the Rise Venteur -- Phishing is getting much more sophisticated—because in some ways, it’s getting simpler. Learn More
Threat Report | Feb 7, 2023 Everything You Need to Know About Cross-Site Request Forgery (CSRF) Cross-Site Request Forgery (CSRF) is a method of attack where an external actor is communicating with an app on behalf of a user, without their knowledge. Learn More
Threat Report | Feb 6, 2023 Flash Notice: Thousands of Unpatched VMware Servers Hit by Two-Year Old Vulnerability This weekend ESXiArgs ransomware hit VMware servers & encrypted thousands of unpatched internet exposed ESXi systems through a 2-year old RCE vulnerability Learn More
Threat Report | Feb 3, 2023 Flash Notice: Cisco Command-Injection Vulnerability Found in Production Equipment A command-injection vulnerability was found in Cisco’s production equipment. CVE-2023-20076 could allow unauthorized root-level access & RCE. Learn More
Threat Report | Feb 2, 2023 Flash Notice: Critical QNAP NAS Vulnerability A critical vulnerability was found in QNAP Systems’ network-attached storage (NAS) devices. CVE-2022-27596 is rated critical with a CVSS score of 9.8. Learn More
Threat Report | Jan 31, 2023 Everything You Need to Know About the Data Extortion Group, RansomHouse RansomHouse is a fairly new operation that focuses on breaching networks via vulnerabilities to steal their targets’ data. Learn More
Blog | Jan 30, 2023 The Rise of Cyber Fusion – A Holistic Cybersecurity Approach What is cyber fusion? Cyber fusion refers to the unification of security functions to create a holistic approach to cybersecurity. Learn More
News | Jan 30, 2023 Hive Ransomware: Modern, Efficient Business Model Yahoo News -- The DOJ's shutdown of the Hive ransomware operation highlights how hacking has become an ultra-efficient, specialized industry. Learn More
Threat Report | Jan 24, 2023 Flash Notice: Apple Zero-Day Impacts Older iPhones and iPads An actively exploited iOS zero-day vulnerability (CVE-2022-42856) was found in older versions of Apple’s iPhones and iPads. Learn More
Threat Report | Jan 24, 2023 Flash Notice: UPDATE - Zoho ManageEngine Vulnerability Exploited in the Wild UPDATE: 2/27/2023 - A vulnerability (CVE-2022-47966) was found in two dozen Zoho ManageEngine products and is currently being exploited in the wild. Learn More
Blog | Jan 20, 2023 The Basics of Cybersecurity Maturity What does ‘maturity’ mean? Take a look at 3 basic steps you need to know to determine your cyber maturity + how that helps drive positive business impact. Learn More
Threat Report | Jan 18, 2023 CVE-2014-2383: LFI/RFI Escalation to RCE Avertium’s Threat Labs observed the presence of CVE-2014-2383 in a client environment. This TIR mimics the environment in which CVE-2014-2383 was exploited. Learn More
Threat Report | Jan 13, 2023 Flash Notice: Microsoft Patch Tuesday Addresses 11 Critical Vulnerabilities & 1 Zero-Day Microsoft recently released its Patch Tuesday fixes which included a patch for an actively exploited zero-day vulnerability, CVE-2023-21674. Learn More
Threat Report | Jan 11, 2023 Flash Notice: High-Severity JsonWebToken Library Vulnerability A vulnerability was found in the open source JsonWebToken (JWT) library that could allow an attacker to achieve remote code execution on a server. Learn More
Threat Report | Jan 10, 2023 MITM Attacks - EvilProxy and Evilginx EvilProxy is a phishing-as-a-service toolkit available on the dark web. Evilginx is another MITM framework used for phishing credentials & session cookies. Learn More
News | Jan 6, 2023 Who are LockBit Gang? The Group Behind the Ransomware and Apology to SickKids Hospital iHeartRadio | The Jerry Agar Show -- GUEST: Mike Wilkinson, Director of DFIR for cybersecurity firm Avertium, discusses SickKids Hospital attack & apology. Learn More
Threat Report | Jan 6, 2023 Flash Notice: High-Severity Fortinet Vulnerabilities Impact FortiTester and FortiADC Two high-severity vulnerabilities (CVE-2022-35845 and CVE-2022-39947) were found in Fortinet’s FortiADC and FortiTester. Learn More
Threat Report | Jan 5, 2023 Flash Notice: Zoho Manage Engine Vulnerability - Patch Now This week, Zoho disclosed a critical security vulnerability (CVE-2022-47523) impacting some of their ManageEngine products. Learn More
Threat Report | Jan 4, 2023 An In-Depth Look at Play Ransomware Play ransomware (aka PlayCrypt) is a new ransomware operation that launched in June 2022 and has amassed a steady stream of victims across the world. Learn More
Threat Report | Dec 29, 2022 Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution This week, VMware patched a critical vulnerability (CVE-2022-31705) impacting ESXi, Workstation, Cloud Foundation, and Fusion. Learn More
Threat Report | Dec 28, 2022 End of the Year Recap and What to Expect for 2023 In this end-of-year report, we look at this year's most talked about cyber threats and what organizations can expect for 2023. Learn More
Threat Report | Dec 20, 2022 TIR-20221219: Stay Vigilant with Cybersecurity During the Holidays This report looks at why organizations and individuals should be consistent with using cybersecurity best practices during the holiday season. Learn More
Threat Report | Dec 16, 2022 Flash Notice: Critical VMware Vulnerabilities This week, VMware patched a critical vulnerability (CVE-2022-31705) impacting ESXi, Workstation, Cloud Foundation, and Fusion. Learn More
News | Dec 15, 2022 Avertium Advances its Cyber Fusion Capabilities by Adding Microsoft Security Expertise Today, Avertium has announced the addition of Microsoft Security expertise to its team of threat defense professionals. Learn More
Threat Report | Dec 15, 2022 Flash Notice: Critical Remote Code Execution Vulnerability Found in SPNEGO An RCE Vulnerability found in the common Windows Protocol SPNEGO NEGOEX has been upgraded from a 3.1 CVSS score to an 8.1. Learn More
Threat Report | Dec 14, 2022 Flash Notice: Critical Citrix Zero-Day Exploited by Attackers A critical zero-day vulnerability (CVE-2022-27518) was found in Citrix ADC and Gateway. It is an unauthenticated remote code execution vulnerability. Learn More
Threat Report | Dec 13, 2022 Flash Notice: Critical Fortinet Zero-Day Vulnerability Exploited in the Wild A critical zero-day vulnerability (CVE-2022-42475) was found in multiple versions of Fortinet’s FortiOS SSL-VPN. Learn More
Threat Report | Dec 13, 2022 Everything You Need to Know About Royal Ransomware After emerging in January 2022, Royal ransomware is a ransomware strain that is being distributed by ransomware threat actors from previous operations. Learn More
Ebook | Dec 13, 2022 2023 Cybersecurity Landscape: 8 Lessons for Cybersecurity Professionals Guided by what we've learned in 2022, here are 8 cybersecurity lessons you can take into 2023 to prevent and recover from incoming threats. Learn More
Threat Report | Dec 7, 2022 Flash Notice: Google Patches Actively Exploited Zero-Day A zero-day vulnerability impacting all browser versions of Google Chrome (including Opera & Microsoft Edge) is being actively exploited by threat actors. Learn More
Threat Report | Dec 6, 2022 An Update on HIVE Ransomware Last month, CISA & the FBI released an advisory stating that HIVE ransomware attacks have continued, and they have attacked over 1300 businesses since 2021 Learn More
Threat Report | Dec 1, 2022 Flash Notice: Oracle Vulnerability Actively Exploited A patched vulnerability (CVE-2021-35587) found in Oracle’s Fusion Middleware Access Manager (OAM) is currently under active exploitation. Learn More
Threat Report | Nov 30, 2022 The Pitfalls of Online Chat Features There are ways for organizations to stay safe but continue to provide the convenience of an online chat feature on their site - let's take a look at them. Learn More
Threat Report | Nov 22, 2022 An In-Depth Look at the North Korean Threat Actor, ZINC In September, Microsoft observed the North Korean threat actor, ZINC, targeting individuals from the Infosec community on LinkedIn and Twitter. Learn More
Threat Report | Nov 18, 2022 Flash Notice: Two High-Severity Vulnerabilities Found in F5 BIG-IP and BIG-IQ Products This week, Rapid7 researchers discovered two high-severity vulnerabilities in F5 BIG-IP and BIG-IQ products running customized distribution of CentOS. Learn More
Ebook | Nov 17, 2022 Everything You Need to Know to Create An Effective Incident Response Plan Creating an effective response plan specific to your business is the best way to ensure you are ready to mitigate the effect of a cyberattack. Learn how. Learn More
News | Nov 16, 2022 Managed Security Services Market Worth $49.6 Billion by 2027, Report Says Security Systems News -- A report by MarketsandMarkets has predicted the growth of the managed security services market to an estimated $49 billion by 2027 Learn More
Threat Report | Nov 15, 2022 An Update on LockBit 3.0 This report looks at the recent activity of LockBit 3.0, their tactics and techniques, as well as the state of ransomware for 2022. Learn More
Blog | Nov 14, 2022 About Microsoft 365 E5 License including Defender for Endpoint Upgrading to Microsoft 365 E5 from E3 doesn't have to be a challenge. Here's what you need to know about Microsoft 365 E5 License, its use cases, & more. Learn More
Threat Report | Nov 14, 2022 Flash Notice: Citrix and VMware Disclose Critical Vulnerabilities, Could Impact Remote Workspaces This week Citrix issued patches for 3 vulnerabilities impacting their Gateway & ADC products. VMware also warned customers about 3 critical vulnerabilities Learn More
Threat Report | Nov 9, 2022 MFA Breaches & MFA Fatigue This Threat Intelligence Report looks at MFA attacks and what organizations can do to move toward better protection. Learn More
News | Nov 7, 2022 Avertium Names Bill Carroll New Chief Executive Officer Today, Avertium announced the appointment of Bill Carroll as the company’s new Chief Executive Officer. Learn More
Threat Report | Nov 2, 2022 Flash Notice: OpenSSL Project - Two High Severity Vulnerabilities Two critical vulnerabilities that were found in OpenSSL Project’s open-source cryptographic library have now been downgraded to high-severity. Learn More
Threat Report | Nov 1, 2022 An In-Depth Look at Lorenz Ransomware Emerging in 2021, Lorenz ransomware has targeted organizations worldwide, demanding thousands of dollars in ransom. Learn More
Threat Report | Oct 28, 2022 Flash Notice: Cisco VPN Vulnerabilities Exploited in the Wild This week, Cisco announced that there are two vulnerabilities affecting their AnyConnect product. They are being tracked as CVE-2020-3433 & CVE-2020-3153. Learn More
News | Oct 27, 2022 Avertium Named Microsoft Security Solutions Partner Avertium has been named a Microsoft Security Solutions Partner, an elite designation among cybersecurity companies. Learn More
Threat Report | Oct 25, 2022 Flash Notice: Windows Zero-Day Exploited - JavaScript Files Bypass Security Warnings A Windows zero-day vulnerability is allowing threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-web security warnings. Learn More
Threat Report | Oct 25, 2022 Iranian Cyber Threats - APT42 & HomeLand Justice CISA and the FBI recently warned that Iranian threat actors APT42 and HomeLand Justice have been consistently improving their offensive cyber capabilities. Learn More
Ebook | Oct 21, 2022 2022 Common Indicators of a Phishing Attempt In this eBook, we dive into phishing and its most prevalent tactics as well as how to spot and stop attacks before they occur. Learn More
Webinar | Oct 19, 2022 Breaking Down Barriers with Detection-as-Code Join us as we discuss Avertium powered by SnapAttack, our process & methodology behind detection-as-code, and what integrated partnerships like this have to offer you and your business. Watch Now
Threat Report | Oct 19, 2022 “Microsoft Patches Zero-Days Impacting Microsoft Office and Windows” CVE-2022-41082 and CVE-2022-41040, now dubbed ProxyNotShell, are bugs that can be chained together and used to breach corporate networks. Learn More
Threat Report | Oct 18, 2022 An In-Depth Look at Russian Threat Actor, Killnet Russian hacktivists like Killnet are making threats against and attacking not only Ukraine, but the U.S. as well. Learn More
Blog | Oct 17, 2022 Reducing Ransomware Risk in Healthcare The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats. Learn More
Threat Report | Oct 11, 2022 An In-Depth Look at Vice Society Ransomware Threat actors like Vice Society know that education has a low rate of cyber insurance coverage, & it's likely a driving force behind their attacks on schools. Learn More
Blog | Oct 10, 2022 Flash Notice: Critical Fortinet Vulnerability Impacting Fortigate Firewalls and FortiProxy Web Proxies A critical Fortinet authentication bypass vulnerability tracked as CVE-2022-40684 exists in FortiGate firewalls and FortiProxy web proxies. Learn More
News | Oct 7, 2022 What $1B in Cybersecurity Funding Can Mean for US State, Local Governments Help Net Security -- How do you best spend a cybersecurity budget you have long been hoping you’d get? Learn More
News | Oct 7, 2022 Avertium Fusion MXDR Strengthens Threat Defense Intelligence for Microsoft Security Customers Help Net Security -- Avertium announced Fusion MXDR, a new service the security partner is providing for Microsoft Security customers. Learn More
News | Oct 7, 2022 Cybersecurity Conflict Russia and Ukraine - Paul Caiazzo, Avertium Techstrong TV -- Paul Caiazzo, advisor to Avertium, explains how the cybersecurity conflict between Russia & Ukraine is impacting the average organization. Learn More
News | Oct 7, 2022 5 Cyber Threats Facing the Education Sector Security Magazine -- Student and school community data has been targeted by cyberattackers throughout the past years. Learn More
News | Oct 7, 2022 Ukraine Under Assault Compass Knox -- Local observers offer personal and professional perspectives on Russia’s invasion and its ramifications. Learn More
News | Oct 6, 2022 Avertium's Fusion MXDR Gains Recognition for Innovation Avertium Wins “Security Response Solution of the Year” at 6th Annual International Cybersecurity Breakthrough Awards Learn More
Threat Report | Oct 4, 2022 Everything You Need to Know About Bumblebee Malware Bumblebee has been solidified as a highly sophisticated malware that is distributed via phishing email campaigns. Learn More
Blog | Oct 3, 2022 Flash Notice: UPDATE - Microsoft Exchange Double Zero-Day Vulnerabilities There are two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019: CVE-2022-41040 and CVE-2022-41082. Learn More
News | Sep 28, 2022 Tips to Keep Your Teen Safe on Social Media WATE News -- Social media: it’s a common way for predators to gain access to unsuspecting users, especially young ones. Learn More
Blog | Sep 28, 2022 Flash Notice: FARGO Ransomware Attacking Microsoft SQL Servers Vulnerable Microsoft SQL servers are currently being targeted by threat actors and infected with FARGO ransomware (aka Mallox & TargetCompany). Learn More
Threat Report | Sep 27, 2022 An In-Depth Look at APT35 aka Charming Kitten The Iranian advanced persistent threat actor and cyberespionage group, APT35, aka Charming Kitten or Phosphorus, has been making headlines since 2014. Learn More
Blog | Sep 22, 2022 Flash Notice: Update #2 - Critical Confluence Zero-Day Vulnerability Still Under Active Exploitation Although Atlassian released updates for critical Confluence vulnerability CVE-2022-26134 in June 2022, attackers are still compromising unpatched devices. Learn More
Threat Report | Sep 20, 2022 Everything You Need to Know About Callback Phishing This threat report looks at callback phishing, the threat actors who use the attack vector, and why organizations everywhere need to be on high alert. Learn More
Blog | Sep 15, 2022 Flash Notice: Windows Privilege Escalation Zero-Day Flash Notice: Microsoft patched a high severity zero-day vulnerability this week that is now being tracked as CVE-2022-37969. Learn More
News | Sep 14, 2022 Emotet Resurfacing as Power Player in Ransomware Wars, Avertium Warns MSSP Alert -- Avertium, a Top 250 MSSP, has released a new threat intelligence report that takes a deep dive on the notorious Emotet botnet. Learn More
Blog | Sep 14, 2022 Flash Notice: Apple Fixes 8th Zero-Day Vulnerability This week, Apple released security updates to address a zero-day vulnerability (CVE-2022-32917) impacting iPhones and macOS. Learn More
Threat Report | Sep 13, 2022 The Top 5 Cyber Threats in the Energy Sector We look at the top 5 cyber threats within the energy sector + why energy companies need cybersecurity best practices to keep their cyber environments safe. Learn More
News | Sep 13, 2022 East Tennessee Tech Expert Shares Tips for Keeping Your Online Accounts Safe WBIR 10 News -- The CEO of a local IT company says you should manage your digital legacy the same way you would your physical legacy. Learn More
Threat Report | Sep 7, 2022 An In-Depth Look at the Emotet Botnet After 10 months of darkness, Emotet came back with a vengeance in 2021. In Q1 2022, Emotet re-emerged using new variants that employed old & new techniques Learn More
Blog | Sep 7, 2022 Flash Notice: Google Patches Chrome Zero-Day A high-severity, zero-day vulnerability (CVE-2022-3075) was found in Google’s Chrome web browser. Learn More
Blog | Aug 31, 2022 Avertium announces new Detection-as-Code Content Packs in Fusion MXDR by leveraging SnapAttack By bringing offensive tradecraft into the defensive process, Avertium is taking one of many steps forward on the journey towards enabling proactive cybersecurity for each and every one of the clients we serve. Learn More
Threat Report | Aug 30, 2022 North Korea is the Threat Lately, North Korean threat actors have been extremely visible. While attacks from North Korea are not unusual, there has been an uptick in activity. Learn More
Blog | Aug 30, 2022 To CMMC & Beyond: What You can do Today to Prepare for CMMC Tomorrow The Cybersecurity Maturity Model Certification (CMMC) is coming–whether you’re ready or not. Today it’s primarily meant for the Department Learn More
Blog | Aug 24, 2022 Flash Notice: Palo Alto Network Firewall Bug Actively Exploited A high-severity vulnerability, CVE-2022-0028, was found in Palo Alto Networks’ PAN-OS. Learn More
Threat Report | Aug 23, 2022 When Cybercriminal Gangs Go Dark - Avaddon, AstraLocker & Conti Recently, threat actors like AstraLocker, Conti, and Avaddon have gone dark. Are these groups really saying goodbye or are they just rebranding? Learn More
Blog | Aug 22, 2022 Flash Notice: UPDATE - Apple Releases Security for Zero-Day Vulnerabilities Exploited by Attackers Apple released security updates for vulnerabilities (CVE-2022-32894 and CVE-2022-32893) found in iOS, iPadOS, MacOS Big Sur, and macOS Monterey. Learn More
Blog | Aug 18, 2022 Flash Notice: Zeppelin Ransomware Targets Healthcare Zeppelin ransomware is targeting the healthcare sector with a new campaign that involves multi-encryption tactics. Learn More
Blog | Aug 18, 2022 Flash Notice: [CVE-2022-2856] New Google Chrome Zero-Day Exploited by Attackers Google released a patch for their 5th zero-day vulnerability in 2022. CVE-2022-2856 is a high-severity bad input validation vulnerability impacting Chrome. Learn More
News | Aug 16, 2022 Avertium Ranks No. 781 on the 2022 Inc. 5000 Annual List of America's Fastest-Growing Private Companies Today, Inc. revealed that Avertium is #781 on its annual Inc. 5000 list, the most prestigious ranking of the fastest-growing private companies in America. Learn More
Threat Report | Aug 16, 2022 An In-Depth Look at Quantum Ransomware Quantum ransomware is a newer, lesser-known ransomware that operates with the RaaS model & has been successful with compromising healthcare organizations. Learn More
Threat Report | Aug 9, 2022 An In-Depth Look at the APT, Evilnum Active since 2018, the APT Evilnum is a group that initially targeted the financial sector but has now switched gears & is targeting immigration orgs. Learn More
Blog | Aug 9, 2022 Ransomware Lifecycle Attack Ransomware attacks have become increasingly common. Learn about the lifecycle of a ransomware attack and how you can prevent one. Learn More
News | Aug 8, 2022 Avertium Recognized on the CRN Fast Growth 150 List for 2022 Avertium has been named to the CRN Fast Growth 150 list, ranking among the fastest growing North American IT solution providers and technology integrators. Learn More
Webinar | Aug 5, 2022 The Art + Science of Pre-Crime Threat Hunting Threat hunting is an essential strategy. Learn about threat hunting vs. threat detection, emerging threat hunting methodologies, and much more. Watch Now
Blog | Aug 5, 2022 Flash Notice: Large Scale Phishing Attack Targeting Microsoft Email Servers A large-scale phishing campaign disclosed this week is primarily targeting corporate enterprise users of Microsoft email servers. Learn More
Threat Report | Aug 2, 2022 How Healthcare Organizations Can Stay Safe from API Vulnerabilities Application programming interfaces (APIs) are increasingly being used by healthcare firms, & threat actors are realizing how valuable they can be to target Learn More
Blog | Jul 29, 2022 Flash Notice: Atlassian Confluence Critical Hardcoded Password Vulnerability Under Active Exploitation A hardcoded credentials vulnerability was found by Atlassian last week in the Questions for Confluence app and is under active exploitation. Learn More
Threat Report | Jul 27, 2022 Healthcare Ransomware Threats - MedusaLocker & Maui FBI, CISA, + more recently issued joint warnings for Maui and MedusaLocker ransomware. Both are currently responsible for many cyber attacks in healthcare. Learn More
Threat Report | Jul 19, 2022 Everything You Need to Know About the APT, Fancy Bear Since 2008, Russian APT Fancy Bear has used fear & social engineering to trick victims into opening malicious email attachments or clicking malicious links. Learn More
Blog | Jul 14, 2022 Flash Notice: [CVE-2022-22047] Microsoft Zero-Day Actively Exploited, Impacting Server & Client Windows Platforms A zero-day, local privilege escalation vulnerability was found in the latest Windows 11 & Windows Server 2022 releases. It's being tracked as CVE-2022-22047. Learn More
Blog | Jul 13, 2022 Flash Notice: New Ransomware Family, HavanaCrypt, Disguises Itself as Fake Google Update Researchers at Trend Micro discovered a new ransomware family that’s being delivered as a fake Google software update - HavanaCrypt. Learn More
Threat Report | Jul 12, 2022 An In-Depth Look at Ransomware Gang, LockBit 3.0 As of 3/2022, the ransomware gang, LockBit, has re-branded itself as LockBit 3.0. LockBit 3.0, also known as LockBit Black, is active and in the wild. Learn More
News | Jul 11, 2022 Facing Ransomware, Healthcare Systems Can't Use 'Hope as a Strategy' Chief Healthcare Executive -- Cyberattacks have become an increasingly dangerous threat to hospitals. Healthcare systems must take action. Learn More
Threat Report | Jul 6, 2022 An In-Depth Look at Chinese APT ToddyCat ToddyCat is a new APT that has been active since December 2020 and has attacked several high-profile organizations within the government and military sectors. Learn More
Blog | Jul 6, 2022 Google Chrome Zero-Day Vulnerability Exploit [CVE-2022-2294] Over the 4th of July weekend, Google released a patch for a high-severity zero-day Chrome vulnerability. Learn everything you need to know in our blog. Learn More
Threat Report | Jun 28, 2022 How the Tables Have Turned - Russia vs. Ukraine Part Three Over the past 5 months, things have changed. It appears that Russia and Ukraine are now on equal footing regarding the Russia vs. Ukraine cyber war. Learn More
Blog | Jun 27, 2022 Flash Notice: [CVE-2022-29499] Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance A ransomware attack was deployed against an unnamed mark using Mitel’s VoIP appliance as an entry point. CVE-2022-29499 is actively being used in the wild Learn More
Threat Report | Jun 21, 2022 An In-Depth Look at Chinese APT, Aoqin Dragon Active since 2013, the APT Aoqin Dragon flew under the radar for ten years before researchers at Sentinel Labs identified their activity. Learn More
Threat Report | Jun 14, 2022 An In-Depth Look at the Data Extortion Group, Karakurt This month, CISA issued a warning about a data extortion group called Karakurt. Let's take a detailed look at the group and their tactics. Learn More
Threat Report | Jun 7, 2022 The Top 5 Cyber Threats Within the Education Sector This report looks at the top 5 cyber threats within higher education & what the education sector can do to prevent devastating cyber attacks from happening Learn More
News | Jun 6, 2022 Avertium Named Winner of Coveted Global InfoSec Awards During RSA Conference 2022 Avertium Wins “Most Comprehensive MDR” and “Hot Company MSSP” in 10th Annual Global InfoSec Awards. Learn more! Learn More
Blog | Jun 6, 2022 Flash Notice: Critical Confluence Zero-Day Vulnerability Exploited by Attackers A critical unpatched remote code execution vulnerability (CVE-2022-26134) was found in Atlassian’s Confluence Server and Data Center products. Learn More
Threat Report | Jun 1, 2022 An In-Depth Look at Black Basta Ransomware 04/2022 - a new ransomware group named Black Basta, known for stealing corporate data & documents, began targeting several high-value organizations. Learn More
Blog | Jun 1, 2022 Flash Notice: "Follina" a Microsoft Office Zero-Day RCE Vulnerability Over the holiday weekend, a Windows/Office zero-day vulnerability, given the name Follina, was discovered and found to be exploited in the wild. Learn More
Threat Report | May 24, 2022 An In-Depth Look at AvosLocker Ransomware AvosLocker ransomware has recently caught the attention of both the FBI and cybersecurity researchers. This report takes an in-depth look at AvosLocker. Learn More
Blog | May 20, 2022 Flash Notice: VMWare Vulnerabilities Found in Multiple Products 5/19/22 - VMware issued patches for security flaws CVE-2022-22972 & CVE-2022-22973 found in Workspace ONE Access, Identity Manager, + vRealize Automation. Learn More
Webinar | May 18, 2022 How Your Third Parties are Making You Uninsurable Learn how threat actors are exploiting third-party risks and how insurance carriers can quantify those risks to write more comprehensive cyber policies. Watch Now
Webinar | May 18, 2022 How Did We Get Here? The Past, Present, and Future of Supply Chain Risk Learn about the impact of historical supply chain attacks, what the future of supply chain risk looks like, and what you can be doing to prevent a breach. Watch Now
Blog | May 18, 2022 CVE-2022-1040: Critical Sophos Firewall RCE Vulnerability CVE-2022-1040 is an authentication bypass vulnerability located in the User Portal and Webadmin areas of Sophos Firewall. Learn more! Learn More
Threat Report | May 17, 2022 API Attacks & Best Practices To keep your company from becoming a victim of an API attack, you’ll need to implement a security strategy that was built specifically for API attacks. Learn More
Threat Report | May 10, 2022 The Top 5 Cyber Threats Within the Manufacturing Industry We look at the top 5 cyber threats within manufacturing and how you can help prevent your organization from becoming another victim. Learn More
Blog | May 9, 2022 Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems A critical vulnerability (CVE-2022-1388) was found in F5’s BIG-IP systems last week and is now being exploited in the wild. Learn More
Threat Report | May 3, 2022 Ragnar Locker Ransomware (Everything You Need To Know) Learn about Ragnar Locker’s tactics and techniques, and why it’s important to remember the dangers of paying the demanded ransom. Learn More
News | May 2, 2022 How is the U.S. government preparing for critical infrastructure attacks? Help Net Security -- Paul Caiazzo, Advisor at Avertium, talks about critical infrastructure attacks, their potential impact, and what the U.S. government is doing to prepare for them. Learn More
Blog | Apr 28, 2022 Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager Threat actors are currently exploiting an RCE vulnerability due to a server-side template injection in VMware Workspace ONE Access and Identity Manager. Learn More
Threat Report | Apr 26, 2022 Lapsus$: An In-Depth Look at Data Extortion Group Lapsus$ is likely to be larger than cyber security researchers originally speculated due to the group’s recent cyber attacks. Learn more! Learn More
Threat Report | Apr 19, 2022 Russia vs. Ukraine Part Two As the world continues to watch the physical war between Russia vs. Ukraine, cybersecurity professionals are watching the cyber war between the two. Learn More
Blog | Apr 14, 2022 What's Quantum Computing Got to do With It? Today, we still hear about quantum computing + how it will break the current encryption methods on which we depend to secure and store data. To understand this threat, we need to understand how our current methods work. Learn More
Threat Report | Apr 13, 2022 An In-Depth Look at Iranian APT "MuddyWater" Iranian APT MuddyWater is known for cyber espionage, as well as other cyber criminal operations as part of Iran’s Ministry of Intelligence and Security. Learn More
Threat Report | Apr 5, 2022 An In-Depth Look at Pandora Ransomware In March 2022, it was discovered that the Pandora ransomware group was targeting high-profile victims on their leak site. Learn More
Blog | Apr 1, 2022 VMware's Spring Boot Vulnerability & Exploit [CVE-2022-22965] A zero-day remote code execution (RCE) vulnerability (CVE-2022-22965) was found in VMware’s Spring Framework. Learn how to protect yourself. Learn More
Blog | Mar 31, 2022 How to Detect Ransomware: Best Practices for Avoiding Malware Attacks The best defense against ransomware is understanding how ransomware works and how to effectively use mechanisms that detect it early. Learn More
Blog | Mar 29, 2022 Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability 3/23/22 - Google was alerted about a dangerous zero-day vulnerability found in all Chromium based browsers. It's being tracked as CVE-2022-1096. Learn More
Threat Report | Mar 29, 2022 Remain Vigilant: Log4Shell Still Being Exploited Although conversation regarding Log4Shell has diminished, the exploit is still an issue for organizations and remains a permanent threat. Learn More
Ebook | Mar 23, 2022 2022 Ransomware Trends Dive into 6 trending ransomware threats and steps you can take to strengthen your network by signing up to download our free eBook. Learn More
Blog | Mar 23, 2022 Flash Notice: Authentication Company, Okta, Breached by Lapsus$ Okta Inc., an authentication company used globally, is at the center of a potential data breach caused by the data extortion group, Lapsus$. Learn More
Whitepaper | Mar 23, 2022 How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital. Read More
Threat Report | Mar 22, 2022 An In-depth Look at Conti's Leaked Log Chats At the end of February 2022, internal chats from the ransomware gang, Conti, were leaked by a Ukrainian security researcher and published on Twitter. Learn More
Blog | Mar 18, 2022 What Is Penetration Testing (Not All Pen Tests Are Created Equal) The goal of a penetration test is to answer the question: Are we secured? Can we withstand social engineering or other attacks? Learn more! Learn More
Blog | Mar 17, 2022 CaddyWiper Malware Vs RURansom Wiper (The Cyber War Continues) CaddyWiper, a data wiping malware, is targeting Ukrainian networks; while RURansom, which is also a wiper despite its name, is targeting Russian networks. Learn More
Blog | Mar 16, 2022 Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services The FBI & CISA issued a statement this week warning companies that Russian state-sponsored threat actors gained access to an unnamed organization’s network Learn More
Threat Report | Mar 16, 2022 An In-depth Look at the Kraken Botnet The recently discovered Kraken botnet is under active development and is stealing data from Windows hosts. Learn More
Threat Report | Mar 9, 2022 "Bronze Mohawk" & Cyber Espionage Bronze Mohawk (aka APT40) has been active since 2009. Today, they are laying low, but a recent discovery may link the group to recent malware attacks. Learn More
Ebook | Mar 4, 2022 2022 Cybersecurity Predictions Find out Avertium's predictions for the cybersecurity industry in 2022, and get the tools and resources you need to be prepared. Learn More
Blog | Mar 1, 2022 Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine This week, ESET researchers discovered three new cyber attacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper. Learn More
Threat Report | Mar 1, 2022 Roaming Mantis, an Evolving Phishing Campaign Roaming Mantis was first introduced in March 2018 and what started off as a banking trojan, has quickly evolved into much more. Learn More
News | Feb 25, 2022 How to Prevent a Cyber Attack WATE News -- A round of cyber attacks happened hours before Russia invaded Ukraine. Jeff Schmidt, CEO of Avertium, shares how you can bulk up your cybersecurity. Learn More
News | Feb 25, 2022 Federal Agencies Warn of Cyber Threats After Russia Sanctions WBIR-TV Knoxville -- Avertium's insight on President Biden's 'shields up' message. Learn More
News | Feb 24, 2022 Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions DarkReading -- If past is precedent, the cyber impact of the war in Ukraine could be broad and bruising, experts say. Learn More
Blog | Feb 24, 2022 Cyber Threat Hunting & Workflow (Prevent Cyber Attacks) Cyber threat hunting is a proactive security strategy that searches through networks to detect & isolate advanced threats before they present themselves. Learn More
Blog | Feb 24, 2022 Flash Notice: [New Malware] - CISA Warns of Renewed Russian Threat as New Activity is Seen in Ukraine Tension between Russia and Ukraine is at an all-time high. While there are currently no credible threats to the U.S., there is still imminent possibility. Learn More
Blog | Feb 22, 2022 Flash Notice: [CVE-2021-24086] Critical RCE Bug in Adobe Commerce, Magento On February 18, 2022, Adobe released a patch for CVE-2021-24086 that fixes an RCE bug in the Magento Open Source and Adobe Commerce platforms. Learn More
Threat Report | Feb 22, 2022 Super Bowl Weekend: BlackByte & Coinbase Were the Real Stars of the Show While most of America was being entertained by the Super Bowl, a BlackByte ransomware attack + one more incident took place, & both flew under the radar. Learn More
Blog | Feb 15, 2022 Flash Notice: Moxa MXview Network Management Software has Critical Security Flaws On February 14, 2022, researchers from Claroty’s Team82 disclosed several security flaws in the Moxa MXview web-based network management system. Learn More
Threat Report | Feb 15, 2022 BlackCat Ransomware & Triple Extortion (Analysis & Tactics) Learn everything you need to know about BlackCat ransomware and how they fit into our current threat intelligence landscape. Learn More
News | Feb 14, 2022 Avertium Recognized on CRN's Top 100 Managed Security Provider for Sixth Consecutive Year Avertium has been named to the Security 100 list for the sixth consecutive year, ranking among cybersecurity premium Managed Security leaders. Learn More
Threat Report | Feb 9, 2022 Everything You Need to Know About Night Sky Ransomware A group of unknown threat actors have been using Night Sky ransomware to exploit vulnerabilities in Log4j2. Let’s look at why this has become a challenge. Learn More
Blog | Feb 9, 2022 Flash Notice: LockBit 2.0 - FBI Releases New IoCs for Ransomware Attacks On Friday, February 4, 2022, the FBI released technical details and new indicators of compromise associated with LockBit 2.0. Learn More
Threat Report | Feb 1, 2022 How WhisperGate Affects the U.S. and Ukraine Let’s take a look at WhisperGate, why it’s become a major concern for the Ukrainian government, and how these cyberattacks could spill over into the U.S. Learn More
Ebook | Jan 27, 2022 Looking Back & Moving Forward: An Overview of 2021 Cybersecurity Events & Predictions for 2022 Recall major attacks, trends, and innovations in the cybersecurity industry over 2021, and find out Avertium's predictions for the industry in 2022. Learn More
Blog | Jan 26, 2022 Flash Notice: “PwnKit”: Linux PolicyKit Security Vulnerability Discovered in Polkit’s Pkexec, Hiding in Plain Sight for 12 years A memory corruption vulnerability was discovered in Polkit’s pkexec. CVE-2021-4034, aka PwnKit, could allow unprivileged users to gain root privileges by exploiting it in its default configuration. Learn More
Blog | Jan 26, 2022 Flash Notice: Threat Actors Target SonicWall RCE Vulnerability (CVE-2021-20038) New exploits of a critical vulnerability (CVE-2021-20038) affecting SonicWall's Secure Mobile Access (SMA) gateway were discovered yesterday. Learn More
Threat Report | Jan 25, 2022 Introducing Norton 360 and Avira's Built-In Cryptocurrency Miners Norton 360 and Avira step outside their comfort zone and begin to offer their customers cryptocurrency mining services via their antivirus software. Learn More
News | Jan 20, 2022 Optiv, Reliaquest Among LogRhythm Partners Honored With Americas Partner Awards Channel Futures -- LogRhythm partners are honored this week with the company's 2021 Americas Partner Awards. Learn More
News | Jan 20, 2022 Avertium Named LogRhythm Managed Services Partner of the Year The 2021 LogRhythm Managed Services Partner of the Year award for Avertium follows being named LogRhythm’s “Rising Star” partner in 2020. Learn more! Learn More
News | Jan 19, 2022 LogRhythm Announces 2021 Americas Partner Award Winners at Annual Revenue Kickoff Meeting Yahoo -- Awards Recognize Partners for Providing Exceptional Value and Solving Customers' Business Challenges Through LogRhythm's NextGen SIEM Platform Learn More
Blog | Jan 19, 2022 Cybersecurity Best Practices & Principles [Updated 2022] In order to use more sophisticated cyber security tools & techniques, organizations need to have a decent understanding of cybersecurity best practices. Learn More
Blog | Jan 18, 2022 Flash Notice: Microsoft Warns - Ukrainian Organizations Targeted by Destructive Malware Disguised as Ransomware Microsoft published a report detailing their discovery of malware disguised as ransomware being used to corrupt systems of several Ukrainian organizations. Learn More
Threat Report | Jan 11, 2022 An In-Depth Look at Ransomware Gang, Sabbath The ransomware gang, Sabbath, has flown under the radar for over a year but recently made headlines because of their unique attack method. Learn More
Threat Report | Jan 6, 2022 Log4Shell Timeline & Indicators Of Compromise (Complete Guide) Log4Shell is an unauthorized remote code execution vulnerability that allows for complete system takeover on systems with Log4j 2.0-beta9 up to 2.16.1. Learn More
Blog | Jan 3, 2022 Flash Notice: Y2K22? Microsoft Exchange Server Breaks as we Welcome the New Year As the clock struck midnight on 1/1/2022, Microsoft had an unexpected hiccup with its Exchange servers, which meant the servers couldn't process mail. Learn More
News | Dec 30, 2021 Avertium's Paul Caiazzo Featured at the 2021 Channel Partners Conference & Expo This year's Channel Partners Conference featured a variety of experts in the fields of technology and cybersecurity including Avertium's own Paul Caiazzo. Learn More
Threat Report | Dec 17, 2021 End of Year Recap for 2021 We saw some of the most deviant cyber attacks in 2021 cause chaos for organizations across the globe. Discover this year's most talked about cyber attacks. Learn More
Blog | Dec 13, 2021 Flash Notice: (UPDATED) Zero-Day Vulnerability - Log4Shell is a Critical Threat to Applications Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell (CVE-2021-44228). Learn More
Blog | Dec 10, 2021 UPDATE: APT Group Continues to Exploit Multiple Zoho ManageEngine Vulnerabilities Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group Learn More
Blog | Dec 7, 2021 Flash Notice: APT Group Continues to Exploit Zoho ManageEngine ServiceDesk Plus Vulnerability Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group Learn More
Threat Report | Dec 7, 2021 An In-Depth Look at Yanluowang Ransomware United States organizations within the financial sector are currently being attacked by a recently discovered ransomware operation named, Yanluowang. Learn More
Blog | Dec 2, 2021 Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models Cyber security researchers have discovered two vulnerabilities, now named Printing Shellz, that affect 150 different HP multifunction printers. Learn More
Blog | Dec 1, 2021 Everything you need to know about HITRUST - r2, bC, & i1 Assessments This blog provides a HITRUST assessment overview and answers your HITRUST certification questions including 'What is HITRUST?' and how to become certified. Learn More
Threat Report | Dec 1, 2021 Law Enforcement Cracks Down, Threat Actors Disappear & Re-Emerge The FBI has recently started to crack down on RaaS gangs. Now threat actors are going off the grid, then re-emerging months or years later. Learn More
Blog | Nov 30, 2021 RaaS gangs, Drive-By Downloads, and Botnets - Are You a Target? Don't fall behind on RaaS gang trends - find out more about drive-by downloads, botnets, and what they could mean for your IT environment. Learn More
Threat Report | Nov 29, 2021 Vishing vs. Smishing- Stay Educated on the Latest Cyber Attacks Unfortunately, vishing and smishing attacks happen to people every day. Let’s take a look at the differences between vishing and smishing attacks. Learn More
Blog | Nov 29, 2021 Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin During Patch Tuesday, Microsoft fixed a zero-day Windows vulnerability. However, the patch was bypassed and led to a new privilege elevation vulnerability named ‘InstallerFileTakeOver’. Learn More
Blog | Nov 19, 2021 Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months The FBI issued a notice yesterday warning that an APT has been exploiting a zero-day vulnerability in FatPipe’s router clustering and load balancer products. Learn More
Blog | Nov 19, 2021 Flash Notice - Emotet Botnet is Back with New Spam Campaigns Last seen in January 2021, after law enforcement took them down, Emotet is back & is using TrickBot to install Emotet malware on infected Windows systems. Learn More
Blog | Nov 17, 2021 Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices A new botnet named BotenaGo has been seen in the wild targeting a number of IoT devices & routers. BotenaGo can exploit up to 30 different vulnerabilities. Learn More
Threat Report | Nov 16, 2021 HIVE Ransomware: Everything You Need To Know (Attacks & Analysis) Hive has a variety of techniques and tactics that are challenging for cyber security professionals to defend and mitigate. Learn more. Learn More
Ebook | Nov 15, 2021 Creating a Business-First Incident Response Plan Breaches are no longer a simple ransom to be paid. The ripple effect that follows an attack can leave a long-lasting impact if your company is not prepared. Learn More
Threat Report | Nov 11, 2021 TIR-20211004 An In-Depth Look at Ransomware Gang, Conti A Russian-speaking RaaS organization, Conti uses RaaS to deploy disruptive ransomware attacks that target critical infrastructures. Learn More
Threat Report | Nov 10, 2021 Stay Vigilant With Cybersecurity During the Holidays Experts warn to stay vigilant with cybersecurity during the holidays, as there will be no shortage of attacks during the 2021/2022 holiday season. Learn More
Blog | Nov 9, 2021 Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach On November 5, 2021, Philips advised their customers of two security vulnerabilities that may cause a patient data breach in their TASY EMR HTML5 system. Learn More
Blog | Nov 4, 2021 Avertium Joins the Microsoft Intelligent Security Association Avertium, a cybersecurity services partner, joins the Microsoft Intelligent Security Association (MISA). Learn More
Threat Report | Nov 3, 2021 The Resurgence of Russian Threat Actor, NOBELIUM Recently, NOBELIUM has been seen making their rounds again, but this time their focus has shifted to software and cloud service resellers. Learn More
Threat Report | Oct 29, 2021 The Top 5 Cyber Threats in the Healthcare Industry The healthcare sector should be the last industry cyber criminals attack, but no exceptions are made when threat actors are looking to make money. Learn More
Blog | Oct 26, 2021 CIOReview Awards Avertium – Security You Can Trust CIOReview awards Avertium as 2021's "Most Promising Enterprise Security Solution Providers". Learn More
Blog | Oct 22, 2021 Cyber Insurance - Is Advanced Protection Worth it? Learn more about cyber insurance by understanding what it provides, how to pick a plan, and how it could save your organization in case of a breach. Learn More
Threat Report | Oct 12, 2021 Botnet Attack DDoS Guide: TIR-20211011 & The Meris Botnet Learn how DDoS botnets work and why the recently discovered botnet, Meris, is a major concern for cyber security specialists. Learn More
Blog | Oct 8, 2021 American Hospital Association + Avertium Emphasize the Growing Need for Cybersecurity in Healthcare Avertium worked with LogRhythm and the American Hospital Association to create an eBook meant for healthcare and its ever-growing need for cybersecurity. Learn More
Blog | Oct 7, 2021 Third-Party Supply Chain Risk - Valuable Partners or Potential Threats? Your organization's supply chain could serve as an entry point for threat actors. Learn how to manage potential threats that may arise from your vendors. Learn More
Blog | Oct 6, 2021 Flash Notice - Apache Fixes Zero-Day Vulnerability on Airflow Servers Researchers from Intezer published details about two Apache Airflow Server vulnerabilities that are being tracked as CVE-2021-41773. Learn More
Whitepaper | Oct 5, 2021 How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital. Read More
News | Sep 30, 2021 Avertium’s Paul Caiazzo Named “CISO of the Year” in 2021 CyberSecurity Breakthrough Awards Program Chief Information Security Officer, Paul Caiazzo, has been named “CISO of the Year” in the fifth annual CyberSecurity Breakthrough Awards program. Learn More
News | Sep 29, 2021 Avertium and Black Kite Announce Strategic Partnership in New Approach to Attack Surface Monitoring Avertium announces a joint partnership through Black Kite’s Aviator Partner Program to provide a comprehensive approach to attack surface monitoring and supply chain cyber security risk. Learn More
Threat Report | Sep 28, 2021 TIR – 20210920 T-Mobile and BlackBerry - Why Waiting to Inform May Cost You Both T-Mobile and BlackBerry faced scrutiny after they failed to promptly inform customers of software vulnerabilities that affected millions of people. Learn More
Blog | Sep 27, 2021 Avertium Named to MSSP Alert’s Top 250 MSSPs List for 2021 The list identifies the top MSSPs, managed detection and response (MDR) and Security Operations Center as a Service (SOCaaS) providers worldwide. Learn More
Blog | Sep 24, 2021 Flash Notice - Critical VMware vCenter Server Flaw VMware released a statement detailing how Internet-exposed vCenter servers are actively being targeted by attackers. Learn More
Blog | Sep 23, 2021 Flash Notice - Microsoft Azure OMIGOD Vulnerability The researchers at Cloud security company, Wiz, disclosed a new vulnerability, OMIGOD, that affects Microsoft Azure. Learn More
Ebook | Sep 21, 2021 Why the Time is Now for CISOs to Advocate for Cybersecurity In this current moment of data breaches...CISOs have an opportunity to position cybersecurity investment as the path to innovation - not a blocker. Learn More
Blog | Sep 20, 2021 T-Mobile Data Breach Review: 40 Million Customers Compromised On August 17th, 2021, a ransomware attack caused a T-Mobile data breach, compromising over 40 million people’s PII. Here's what you need to know. Learn More
Webinar | Sep 15, 2021 Appgate: Practical Steps to Deploying Zero Trust Network Access Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Part 2 of a 3-part series. Watch Now
Webinar | Sep 15, 2021 Scaling Remediation in the Face of Competing Priorities Learn how you can leverage NIST CSF to scale a vulnerability management program and accelerate your remediation efforts. Watch Now
Webinar | Sep 15, 2021 Remote Workforce + Data Breach: A Perfect Storm With companies having to quickly pivot to a remote workforce, it's important to adapt your incident response (IR) plan, data privacy procedures, and more. Watch Now
Webinar | Sep 15, 2021 Appgate: When “Trust but Verify” isn’t enough. Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Watch Now
Webinar | Sep 15, 2021 New Techniques to Strengthening Threat Detection and Response Learn about the role of a SIEM in a ZTNA approach to cybersecurity. Watch Now
Webinar | Sep 15, 2021 Key Shifts in Identity Management and Governance Webinar discussing key shifts in identity management and governance - providing adjustments and tools to prepare for getting back to onsite work patterns. Watch Now
Webinar | Sep 15, 2021 Zero Trust: Fast-Tracking Security in the New Work Anywhere Norm Recent world events (COVID-19) have fundamentally changed the way organizations enable employees and provide them access to critical applications and data. Watch Now
Webinar | Sep 15, 2021 Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response Highlighting security challenges (and more) for companies that operate in multi-cloud environments, having a highly interconnected supply chain that must now accommodate a hybrid workforce model. Watch Now
Webinar | Sep 15, 2021 Securing Remote Workers; Fact & Fiction Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model. Watch Now
Webinar | Sep 15, 2021 How to Implement a Risk-Based Strategy for "Killer" Threat Hunting Programs Learn the elements of a threat hunting program, how to utilize NIST CSF and the Enterprise ATT&CK framework, and review recent ransomware case studies. Watch Now
Whitepaper | Sep 15, 2021 Strengthening Cybersecurity with Consensus: How to Build Positive Board Relationships For CISOs looking to strengthen their cybersecurity posture, board buy-in is a helpful ally. This free guide details tangible action steps that CISOs can take. Read More
Guide | Sep 15, 2021 8 Steps to Take if You've Been Breached When it comes to a security breach, fast detection, mitigation and response are vital for reducing impact. This guide gives a formal, methodical approach. Learn More
Infographic | Sep 15, 2021 5 Ways to Prevent Ransomware Avertium offers five ways for your security team to prevent ransomware. Learn More
Guide | Sep 15, 2021 6 Steps to Implementing a Zero Trust Network This guide offers the 6 steps to implementing a zero trust network (ZTN) cybersecurity strategy to protect against cyber threat and improve your program. Learn More
Whitepaper | Sep 15, 2021 Security Operations Maturity Model (SOMM) Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth. Read More
Ebook | Sep 15, 2021 7 Metrics to Measure the Effectiveness of Your Security Operations Avertium and LogRhythm explain metrics to measure the effectiveness of your security operations (SecOps) to detect and respond to cybersecurity events. Learn More
Whitepaper | Sep 15, 2021 Budgeting for a Modern SIEM Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth. Read More
Guide | Sep 15, 2021 Essential Guide to HIPAA Compliance A complete guide to help you understand HIPAA compliance and the HIPAA Privacy, Security and Breach Notification Rules. Learn More
Whitepaper | Sep 15, 2021 HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence Learn how to stay HIPAA compliant with the Privacy Rule and OCR Notifications of Enforcement Discretion during a COVID-19 pandemic outbreak re-occurrence. Read More
Webinar | Sep 15, 2021 HIPAA Compliance in a Pandemic Join the CEO of Avertium, Jeff Schmidt, for a discussion on the implications the pandemic has and will continue to have on HIPAA compliance. Watch Now
Ebook | Sep 15, 2021 9 Steps to Manage Third-Party Information Security Risk 9 essential steps to managing third-party vendor risk that every information security professional can adopt for their organization. Learn More
Whitepaper | Sep 15, 2021 The Risky Business of SaaS + Hybrid Cloud and What to do about it Securing Your SaaS and Hybrid Cloud Solutions white paper examines opportunities, risks and best practices to integrate cloud into your security posture. Read More
Whitepaper | Sep 15, 2021 4 Trending Phishing Techniques and Tips for Detection Avertium teams up with LogRhythm to explain trending phishing techniques and gives tips for detecting phishing attacks using SIEM technology. Read More
Whitepaper | Sep 15, 2021 Guide to Selecting an MSSP or In-house Solution A complete guide to help you decide on whether to manage your SOC in-house or use an MSSP. Read More
Whitepaper | Sep 15, 2021 Threat-Based Security at the Intersection of MITRE ATT&CK and NIST CSF Examine how to use the NIST CSF in conjunction with MITRE ATT&CK to help define and enact threat-based cybersecurity and break the intrusion kill chain. Read More
Whitepaper | Sep 15, 2021 Building an XDR Solution: Factors You Ought to Consider for ZTNA, EDR, Vulnerability Scanning and SIEM White paper on building an XDR solution with ZTNA, EDR, vulnerability scanning and SIEM technologies and the factors you should consider for each. Read More
Whitepaper | Sep 15, 2021 XDR is Not Only About Technology and Why this Matters Learn why XDR is more than technology in order to achieve a proactive and more mature security posture. Read More
Webinar | Sep 15, 2021 Navigating Cybersecurity & Managing Data Breach Risks Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model. Watch Now
Webinar | Sep 15, 2021 Mitigating Remote Work-Related Threats Recent world events (COVID-19) have fundamentally changed the way organizations mitigate remote work-related threats. Watch Now
Webinar | Sep 15, 2021 5 Essential Steps to Creating a Relevant Incident Response Plan Incident response templates are readily available online but how well do they work for your company's specific policies, procedures, and workflows? Watch Now
Checklist | Sep 15, 2021 The Ultimate Incident Response Plan Checklist A cybersecurity incident response plan for a data breach takes thoughtful planning. Learn what's needed with this incident response (IR) planning checklist. Learn More
Ebook | Sep 14, 2021 Leveraging Zero Trust Architecture to Contain & Combat Ransomware Gain visibility on who's on your network by signing up to download our free eBook discussing how you can contain ransomware utilizing Zero Trust. Learn More
Threat Report | Sep 14, 2021 TIR-20210913 TEAMTNT – “CHIMAERA” CRYPTOMINING MALWARE CAMPAIGN TARGETS SERVERS TeamTNT released a new campaign known as "Chimaera" meant to cryptomine malware and is actively targeting several operating systems and applications. Learn More
Blog | Sep 9, 2021 Lockbit 2.0 Ransomware: An In-Depth Look At Lockfile & LockBit Emerging in July 2021, LockFile has compromised over 300 servers in an ongoing ransomware campaign. Learn more! Learn More
Blog | Sep 9, 2021 Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability A statement has been released by Microsoft warning users of a remote code execution vulnerability in Office 365 and Office 2019 on Windows 10. Learn More
Blog | Aug 24, 2021 Threat Actor Profile – “BlackMatter” Ransomware BlackMatter began making its presence known as a ransomware-as-a-service (RaaS) gang in 2021. Read more for indicators of compromise and our recommendations. Learn More
Blog | Aug 18, 2021 Email Phishing Campaigns (Beware Of These Scams) We discuss the similarities between Photo Copyright email phishing campaigns and SharePoint phishing campaigns. Learn more! Learn More
Blog | Aug 13, 2021 Flash Notice – The PrintNightmare Continues These disappointing developments coincide with reports of ransomware groups exploiting the PrintNightmare family of vulnerabilities in the wild. Learn More
Blog | Aug 10, 2021 XDR: Tech Stack, Service, Process, or All Three? What is eXtended Detection Response (XDR)? Is it a process, a tech stack, or a service? How does it differ from MDR and EDR? Learn More
Blog | Aug 3, 2021 Microsoft Exchange Server Breach is Formally Attributed to China by the U.S. The extensive breach of Microsoft Exchange Server early this year has been formally attributed to China by the United States & several allies. Learn More
Blog | Aug 3, 2021 President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do The growing need for cybersecurity has brought about a new executive order. Read more to learn about what this means and where it falls short. Learn More
Blog | Jul 28, 2021 A Zero Trust Network Architecture (ZTNA) POV with Appgate As Zero Trust becomes more relevant, Appgate x Avertium leads the way in accelerating the customer's Zero Trust journey. Learn More
Blog | Jul 22, 2021 July 4th Post Mortem on PrintNightmare and REvil The latest noteworthy exploit leveraged a vulnerability in Microsoft’s Print Spooler Service to target IT Solutions company, Kaseya. Learn More
Blog | Jul 16, 2021 Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products SonicWall has released an urgent security bulletin to their customers using unpatched, end-of-life Secure Mobile Access 100 series and Secure Remote Access products. Learn More
Blog | Jul 7, 2021 Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment A recent study, conducted by the International Institute for Strategic Studies, assessed the cyber power of 15 different nation-states. Learn More
Blog | Jul 1, 2021 CobaltStrike Overview This report is about the use of the well-known tool CobaltStrike in adversarial campaigns. CobaltStrike dates all the way back to 2016. Learn More
Threat Report | Jul 1, 2021 PrintNightmare – Unpatched remote code execution vulnerability in default Windows Print Spooler service The PrintNightmare scenario continues to unfold as security researchers around the globe work to better understand how to detect and mitigate this critical vulnerability. Learn More
Blog | Jun 28, 2021 Attack Surface Management vs. Vulnerability Management Today's attack surface management extends beyond your physical IT assets, now encompassing your entire digital footprint, while vulnerability management focuses on software and code-based vulnerabilities. Learn More
Blog | Jun 25, 2021 Flash Notice: Avertium Detects Increase in “Stolen Images” Phishing Campaign Avertium security teams have detected an uptick in “Stolen Images” phishing emails. This campaign accuses the email recipient of using... Learn More
Blog | Jun 23, 2021 APT38 Threat Actor Profile We dive into the threat actor profile on APT38. APT38 is a nation-state-level threat group associated with the North Korean regime. Read more on its tactics. Learn More
Blog | Jun 15, 2021 REvil Ransomware Overview This is a Threat Actor Profile on REvil, a RaaS syndicate. Most recently, the REvil ransomware group was connected to the attack on the JBS Meat Company. Learn More
Threat Report | Jun 8, 2021 Cyber Espionage & Data Exfiltration attack results from 3-year old backdoor This report is an overview of live espionage and data exfiltration resulting from a previously unknown backdoor that flew under the radar for over 3 years. Learn More
Threat Report | Jun 2, 2021 New NOBELIUM Campaign focuses on phishing This report is about a new malware campaign by a foreign adversarial nation-state threat actor recently being referred to as NOBELIUM. Learn More
Blog | May 26, 2021 Flash Notice: VMware discloses critical vCenter server vulnerabilities On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0. Learn More
Blog | May 26, 2021 Examining the relationship between Vulnerability Announcements & the increase in attacks until mitigated This report discusses the relationship between the time a new vulnerability is announced & the increase in attacks against it until patched. Learn More
Blog | May 21, 2021 You're Secure - But are Your Vendors? Assessing Third Party Risk With 3rd Party Risk in Cybersecurity, security teams can focus on more than just what to do AFTER an attack happens - remediation and containment. Learn More
Blog | May 18, 2021 Malware Campaign utilizes Microsoft Executable MSBuild This report is about a malware campaign using a well-known Microsoft executable called MSBuild to propagate in a file-less manner. Learn More
Blog | May 18, 2021 Avertium Named Winner in the Coveted Global InfoSec Awards 2021 Avertium Wins “Next-Gen in Managed Security Service Provider (MSSP)” In 9th Annual Global InfoSec Awards at #RSAC 2021 Learn More
Blog | May 14, 2021 FiveHands Ransomware Overview This report is an overview of the FiveHands Ransomware variant that successfully attacked an organization (CISA release date May 6, 2021). Learn More
Blog | May 11, 2021 Avertium, Med Tech Solutions, and LIFARS announces Security Alliance delivering comprehensive, Always-On Cloud Security for Healthcare Organizations Three-way partnership creates the first solution combining managed cloud services, managed SOC, & incident response for the healthcare industry. Learn More
Blog | May 6, 2021 Overview of the BadAlloc Vulnerabilities This report is an overview of a series of vulnerabilities discovered by Microsoft’s Section 52 research team, labeled “BadAlloc”. Learn More
Blog | May 5, 2021 Dell BIOS Driver Privilege Escalation Flaws Hundreds of millions of Dell Computers (desktops, laptops, notebooks, and tablets), could be vulnerable to a BIOS Driver Privilege Escalation Flaw. Learn More
Blog | Apr 27, 2021 Exploitation Campaign by two threat actor groups affects Pulse Secure The Pulse Secure vulnerability CVE-2021-22893 affects the following software releases: PCS 9.0R3/9.1R1 and higher. Learn More
Blog | Apr 21, 2021 The Rise of RaaS Gangs + What You Need to Know As we move into 2021, ransomware attacks continue to rise and are increasingly executed through Ransomware as a Service (RaaS) gangs. Learn more. Learn More
Threat Report | Apr 20, 2021 Clop Ransomware (TIR-20210419) This report discusses Clop ransomware; it was discovered in February of 2019 and a recent increase in Clop attacks has been noticed by cybersecurity researchers. Learn More
Blog | Apr 13, 2021 Phishing Campaign targets the Medical Research community This report is about a well-known threat targeting the medical research community in both the United States and Israel. Learn More
Blog | Apr 8, 2021 Does CMMC Immunize You to Ransomware? Does CMMC immunize you to ransomware? Let's find out and discuss not only the requirement but also some of the perceived benefits of implementing such a framework. Learn More
Blog | Apr 7, 2021 Two Vulnerabilities affect FireEye EX 3500 This report is about two vulnerabilities affecting FireEye EX 3500. The vulnerabilities are identified as CVE-2021-28970 and CVE-2021-28969. Learn More
Threat Report | Mar 30, 2021 Overview of the Crypter-as-a-Service: HCrypt Similar to ransomware-as-a-service, HCrypt is sold to less technical malicious actors. Phishing is the initial attack vector for this malware. Learn More
Blog | Mar 22, 2021 Zoom Screen-Sharing Vulnerability displays Unauthorized Information A vulnerability discovered in Zoom may allow users in the meeting to see information on a screen-share that they weren't authorized to view. Learn More
Threat Report | Mar 15, 2021 Three recently reported Azure LoLBins help attackers evade detection This report spotlights three recent Azure Living-off-the-land binaries (LoLBins) that could be used by attackers to evade detection. Learn More
Blog | Mar 11, 2021 Operation Exchange Marauder: Mass exploitation of Microsoft Exchange On March 2, 2021, Microsoft released a series of emergency security patches for Exchange Server 2019, 2016, 2013, and 2010 in order to combat several vulnerabilities. Learn More
Blog | Mar 9, 2021 Growing Cybersecurity Company announces Chief Revenue Officer to Support Expansion Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO). Learn More
Blog | Mar 8, 2021 DarkSide Ransomware Overview DarkSide ransomware is a Ransomware-as-a-Service (RaaS), primarily targeting Windows systems with the ability to target Linux OS variants. Learn More
Threat Report | Mar 1, 2021 Threat Report: New Variant of MassLogger Trojan Malware targets Microsoft Outlook & Google Chrome This report is about recent malware campaigns utilizing the MassLogger trojan (written in .NET) that is targeting popular applications. Learn More
Blog | Feb 22, 2021 New Phishing Campaign uses Morse Code to avoid detection This report is about a new phishing campaign that uses a unique method of obfuscation to avoid detection by traditional security appliances. Learn More
Blog | Feb 15, 2021 Severe Windows Vulnerabilities impact Windows Client & Server OS Versions 7 and Above This report is about three high severity Windows TCP/IP vulnerabilities tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. Learn More
Threat Report | Feb 9, 2021 Vovalex Ransomware (TIR-20210207) Vovalex ransomware is the first ransomware written in D language and the first to be distributed through pirated software that masquerades as legitimate software such as various Windows utilities. Learn More
Blog | Feb 9, 2021 Zero Trust SIEM Strategy (Role of SIEM in Zero Trust Environment) Learn how your Security information and event management (SIEM) aids in mitigating risk as part of your larger Zero Trust Strategy. Learn More
Blog | Feb 3, 2021 Heap-Based Buffer Overflow Vulnerability Discovered in Sudo (TIR-20210131) This report is regarding a recently discovered heap-based buffer overflow vulnerability within the widely used Sudo utility. Learn More
Blog | Jan 24, 2021 Recent additions to TeamTNT Malware Campaign on Cloud Environments This report is about the recent additions to the TeamTNT malware campaign to infect cloud environments and it is updated to capture AWS IAM user details more effectively. Learn More
Blog | Jan 6, 2021 New Golang Worm targets MySQL, Jenkins, Oracle WebLogic and other public services Threat report on the new malware Golang Worm which is targeting services such as MySQL, Jenkins, and Oracle WebLogic. Learn More
Blog | Jan 6, 2021 Zyxel Firewall Backdoor Vulnerability CVE-2020-29583 This outlines the TTP for the Zyxel Firewall backdoor vulnerability CVE-2020-29583. It also provides mitigation recommendations. Learn More
Threat Report | Dec 28, 2020 Multiple Dell ThinOS Vulnerabilities This threat report is about the multiple Dell Wyse ThinOS vulnerabilities, the techniques, tactics and procedures and how to remediate them. Learn More
Blog | Dec 28, 2020 What is Mobile App Testing? What is Mobile App Testing? Cybersecurity specialists utilize an assortment of tests and techniques to screen for vulnerabilities in order to evaluate the security of a mobile app. Learn More
Threat Report | Dec 24, 2020 Threat Report: SunBurst Backdoor and Malware Campaign This report is about the recently disclosed SunBurst backdoor and the related malware campaign. Learn More
Threat Report | Dec 18, 2020 Threat Report: SolarWinds Orion Compromise Guidance This report outlines the TTPs of the SolarWinds Orion compromise and recommended steps to identify and mitigate known exposure. Learn More
Blog | Nov 16, 2020 PyXie distributing ransomware tools targeting Healthcare, Education, Government and Technology companies This threat report is about bad actor PyXie Group's ransomware tools targeting various sectors including healthcare, education, government, and technology. Learn More
Blog | Nov 10, 2020 What you need to know about Telemedicine, HIPAA Compliance and the Pandemic What you need to know about evolving telemedicine policies and HIPAA compliance during this pandemic. Learn More
Blog | Nov 3, 2020 Multiple Oracle WebLogic Server Vulnerabilities Remotely Exploitable without Authentication This threat report is about the Oracle WebLogic Server vulnerabilities and the patches available. Learn More
Blog | Oct 30, 2020 3 Scary Stories of Data Breach Disasters 3 data breach stories that could happen to any company and that could've been preventable. Learn More
Threat Report | Oct 30, 2020 Ryuk is Back and Actively Targeting U.S. Healthcare Organizations Threat actors operating Ryuk are back and targeting U.S.-based hospitals. Here's how you can protect your company against the threat actors. Learn More
Blog | Oct 27, 2020 TeamTNT Attacks Cloud Environments TeamTNT attacks cloud environments with Weave Scope. This report describes the tactics, techniques, and procedures used and how to defend against them. Learn More
Blog | Oct 27, 2020 What Is Security Orchestration, Automation and Response (SOAR)? Security orchestration, automation, and response (SOAR) automates and accelerates security operations, analytics and reporting. Learn More
Blog | Oct 22, 2020 We have an MDR...do we still need a SIEM? Explains what MDR and SIEM are, and how they can work together to provide you with a superior cybersecurity solution. Learn More
Blog | Oct 20, 2020 Culture of Collaboration: Fanatical Testing and Instrumentation Culture of Collaboration: Fanatical Testing and Instrumentation. We can use this idea to develop organizational controls and processes to prevent, detect, respond to and recover from cyber-attacks. Learn More
Blog | Oct 20, 2020 Translating Paper into Trust Translating Paper into Trust: Edward Vasko explains how collaboration can lead to security controls tailored to minimize their impact on job performance. Learn More
Blog | Oct 20, 2020 Why (and How) Company Leadership should create a culture of Security Collaboration The goal is to balance security risks against business objectives and develop sensible controls that reduce the biggest risks with minimal impact on job performance. Learn More
Blog | Oct 20, 2020 Understanding Personal Data Privacy Compliance Obligations to protect your customers, partners and employees Due to the many personal data privacy compliance requirements and non-compliance sanctions, organizations should understand regulations. Learn More
Blog | Oct 19, 2020 SonicWall Vulnerability may allow denial of service attack This is a threat report about a critical SonicWall vulnerability tracked as CVE-2020-5135 that can allow a Denial of Service attack. Learn More
Blog | Oct 15, 2020 What Is Extended Detection and Response (XDR) and why is it gaining momentum as a security solution? Learn what extended detection and response is and how XDR is evolving into the successor to end-point detection and response (EDR) solutions. Learn More
Blog | Oct 14, 2020 What Is MITRE ATT&CK and how is it being used? This article answers the question, What is MITRE ATT&CK? and explains ways to use ATT&CK daily to protect your environment against adversarial TTPs. Learn More
Blog | Oct 13, 2020 Backdoor targets Content Management Systems (CMS) This report describes the tactics, techniques, and procedures for backdoor malware with shell capability and targets content management systems. Learn More
Threat Report | Oct 12, 2020 Content Management System malware attack drops Backdoor Shell This threat report is about a content management system (CMS) malware that attacks using a backdoor with a shell capability. Learn More
Blog | Oct 11, 2020 Latest Phishing Campaign lures Defense and Aerospace Workers with Fake Job Offers This report outlines the latest phishing campaign targeting defense and aerospace workers and how to protect against it. Learn More
Blog | Oct 8, 2020 Threat Focus: What is Ransomware-as-a-Service? This post answers "What is ransomware-as-a-service?" and explains how the cybersecurity threat is evolving and ways to protect your business. Learn More
Blog | Oct 7, 2020 Avertium Named to the MSSP Alert Top 250 MSSPs List Avertium named to MSSP Alert's 2020 Top 250 MSSPs list. This is the second consecutive year that Avertium has been included. Learn More
Blog | Oct 6, 2020 What every Cybersecurity Pro should understand about Insider Threats Understand insider threats - both malicious and accidental - since they are prevalent, yet often an avoidable type of cybersecurity threat. Learn More
Threat Report | Oct 5, 2020 Ryuk Ransomware's Increased Activity Targets Large Organizations Using Windows OS This report is an overview of the Ryuk ransomware and contains actionable intelligence for understanding and protecting against the malware threat. Learn More
Blog | Oct 1, 2020 Ransomware Vs. Phishing Vs. Malware (What's The Difference) Malware, ransomware, and phishing attacks are nothing new to enterprise and small business cybersecurity teams. Learn the basics you need to know. Learn More
Blog | Sep 29, 2020 What Software Companies looking to develop for the Healthcare Industry need to know Many software companies looking to develop for the healthcare industry are unaware they must be HIPAA compliant. Learn more. Learn More
Blog | Sep 28, 2020 Cisco Aironet APs vulnerability risks DoS This threat report is about a vulnerability recently discovered in Cisco Aironet Access Points (APs) known as CVE-2020-3560. Learn More
Blog | Sep 24, 2020 Zero Trust Beyond VPN Replacement: Earning the Most Value for Your Investment Learn about zero-trust network access (ZTNA) beyond VPN replacement and how to realize the most value for your investment. Learn More
Blog | Sep 23, 2020 Understanding the Difference Between an MSSP and MDR The decision between MSSP vs. MDR should be based on specific factors. Learn how you can make the right choice for your organization. Read the blog. Learn More
Blog | Sep 17, 2020 How Multi-Cloud Environments Expand Your Attack Surface and How to Manage and Reduce the Risk Learn how multi-cloud environments expand your attack surface and best practices to manage and reduce the risk. Learn More
Blog | Sep 16, 2020 Avertium enhances LogRhythm expertise with acquisition of 1440 Security Sunstone Partners-backed Avertium acquires national MSSP 1440 Security to enhance LogRhythm and advanced threat detection capabilities. Learn More
Blog | Sep 15, 2020 How to Leverage Your SIEM to Detect and Respond to Ransomware The key to detecting ransomware is laying the necessary groundwork first. Avertium explores how to leverage SIEM technology to respond to attacks. Learn More
Blog | Sep 14, 2020 Palo Alto Firewall vulnerabilities discovered and patched This threat report is about a series of Palo Alto firewall vulnerabilities in the software suite ranging in criticality. Learn More
Blog | Sep 9, 2020 Why Enterprises are Adding Chief Privacy Officer to C-Level Leadership Learn why the Chief Privacy Officer is needed for personal data privacy strategic decision making and why the CPO is here to stay. Learn More
Blog | Sep 8, 2020 Assessing whether you need Virtual CISO (vCISO) Services, and what to expect Learn if you need virtual CISO (vCISO) services for cybersecurity leadership to improve security and meet regulations and compliance. Learn More
Threat Report | Sep 8, 2020 Financial Institutions Beware: New PyVil RAT targets you This threat report is about a new remote access trojan (RAT) called PyVil that targets financial institutions and is by Evilnum. Learn More
Blog | Sep 3, 2020 The Cybersecurity Talent Shortage: Myth or Truth? Explore the myths and facts surrounding the cybersecurity talent shortage and what you can do about it with MSSP and consulting. Learn More
Blog | Sep 1, 2020 Vulnerability Management: Is In-Sourcing or Outsourcing right for you? Examine the different components of vulnerability management and when and where outsourcing makes sense to your program. Learn More
Blog | Aug 31, 2020 WooCommerce vulnerabilities in WordPress plugin discovered This threat report provides actionable intelligence about WooCommerce vulnerabilities discovered in Discount Rules in the WordPress plugin. Learn More
Blog | Aug 27, 2020 Attributes of a robust Vulnerability Management Program The attributes of a robust vulnerability management program that protects enterprises in a challenging security environment. Learn More
Blog | Aug 25, 2020 Importance Of Vulnerability Assessments (Do You Need One?) Since a vulnerability assessment is designed to identify the flaws in software that an attacker can exploit, any organization can benefit. Learn more! Learn More
Blog | Aug 24, 2020 MassLogger Malware This threat report provides an overview of the MassLogger malware, the tactics, techniques and procedures, and what you can do to protect your organization. Learn More
Blog | Aug 20, 2020 EDR vs. MDR: Which Threat Detection is Right for You? This post explores using EDR vs. MDR for threat detection to protect against cybersecurity threats to help determine which is right for your organization. Learn More
Blog | Aug 18, 2020 Is Artificial Intelligence (AI) in Cybersecurity the ultimate solution? Short Answer: No, and also Yes This post provides an examination of artificial intelligence in cybersecurity for a more profound understanding of precisely what AI can and cannot do. Learn More
Blog | Aug 17, 2020 Russian Drovorub malware affects Linux Systems This threat report covers the Drovorub malware, which affects Linux systems and is attributed to the Russian military unit known as the GRU. Learn More
Blog | Aug 13, 2020 Using Application Whitelisting Best Practices to Stop Malware We dive into the difference between whitelists vs. blacklists to explore using application whitelisting software in order to stop malware. Read the blog. Learn More
Threat Report | Aug 12, 2020 Netwalker Ransomware offered as Ransomware-as-a-Service creating increased prevalence This threat report is about the NetWalker ransomware considered highly dangerous due to advanced anti-detection and persistence techniques. Learn More
Blog | Aug 11, 2020 Make PCI Compliance Easier; Automate PCI DSS Requirement 11.2 Automating PCI DSS Requirement 11.2 using vulnerability scanning is the best way for a merchant or service provider to fulfill the mandate. Learn More
Blog | Aug 6, 2020 Least Privilege: Minimizing Permissions to Improve Cybersecurity Why least privilege through minimizing permissions and account separation is worth the resulting lowered exposure to cyberattacks. Learn More
Blog | Aug 5, 2020 Ensiko Web Shell Infects Windows, Linux and MacOS Systems This threat report provides actionable intelligence to protect against the Ensiko web shell that affects Windows, Linux, and MacOS systems. Learn More
Blog | Aug 4, 2020 How to apply SOC 2 Type 2 Trust Services criteria to your business This article explains the SOC 2 Type 2 Trust Service Criteria (TSC) for SOC audit reports and how to apply them to your business. Learn More
Blog | Jul 30, 2020 Demystifying Zero Trust: What is Zero Trust Security, and how can it bolster your environment? What is Zero Trust security? How can it bolster your information security environment? Learn if a zero trust security model is right for your organization. Learn More
Blog | Jul 28, 2020 SOC Audit Report Basics: The What, Why, Who and How Learn SOC audit report basics: What is a SOC audit report, what's the difference between a SOC 1, SOC 2 and SOC 3 report, Type 1 vs. Type 2, and more. Learn More
Blog | Jul 27, 2020 SIGRed "Wormable" DNS Server vulnerability is critical to address SIGRed, a "wormable" DNS Server vulnerability, may allow a malicious actor to gain Domain Administrator rights, with devastating financial impact. Learn More
Blog | Jul 20, 2020 Zoom Client for Windows Vulnerability recently discovered Threat report about a newly discovered Zoom Client for Windows vulnerability that allows a remote attacker to execute arbitrary code on a victim’s computer. Learn More
Blog | Jul 17, 2020 Why Root Cause Analysis is Crucial to Incident Response (IR) Performing incident response root cause analysis can help your organization identify outlying factors that may have contributed to a data breach. Read more. Learn More
Blog | Jul 15, 2020 How to write a Business Continuity Plan to fit your enterprise How to write a business continuity plan to fit your business, including primary goals, what a BCP includes, and business continuity planning steps. Learn More
Blog | Jul 15, 2020 Avertium adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards Avertium Adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards Learn More
Blog | Jul 13, 2020 Citrix Vulnerabilities: NetScaler ADC, NetScaler Gateway and SD-WAN WANOP This threat report is about a series of Citrix vulnerabilities within Citrix ADC (NetScaler ADC), Gateway (NetScaler Gateway), and SD-WAN WANOP. Learn More
Blog | Jul 9, 2020 Why Patch Management is Important for Cyber Security This post explains strong patch management importance in cyber security, best practices, and how to implement a program that manages risk. Learn More
Blog | Jul 7, 2020 What's New in HITRUST CSF Version 9.4 CMMC and NIST Mapping Learn about the added HITRUST CMMC and NIST mapping aspects of this recently released HITRUST CSF version 9.4. Learn More
Blog | Jul 6, 2020 Palo Alto PAN-OS Vulnerability with CVSS score of 10 issued This threat report is about CVE-2020-2021, a newly discovered critical vulnerability in the Palo Alto PAN-OS and carries a CVSS score of 10. Learn More
Blog | Jun 30, 2020 Am I ready for a PCI ROC? This post answers PCI Report on Compliance (ROC) questions, helps you determine if you're ready, and gives tips for doing a PCI readiness assessment. Learn More
Blog | Jun 29, 2020 Cisco Webex Meetings Desktop App Vulnerability This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263 with Cisco updates to remediate. Learn More
Blog | Jun 25, 2020 Cloud Security Defense in Depth (What Is It & How To Utilize It) Learn the argument for defense cloud security, the unique challenges of implementing cloud cybersecurity, & how to protect your cloud environment. Learn More
Blog | Jun 25, 2020 First HIPAA Risk Assessment? Here's how to be prepared This article provides an introduction to HIPAA risk analysis and four things to remember when preparing for your first HIPAA risk assessment. Learn More
Blog | Jun 23, 2020 Ransomware Prevention to Incident Response This article covers ransomware prevention to incident response to help you protect against ransomware or recover from a ransomware attack. Learn More
Blog | Jun 22, 2020 New FK_Undead Malware Modules This threat report is about a set of new modules added to the FK_Undead malware and provides actionable intelligence to protect against this threat. Learn More
Threat Report | Jun 19, 2020 Recent surge in two WordPress attacks This threat report is about a surge in WordPress attacks using cross-site scripting (XSS) and the “wp-config.php” file and how to defend against them. Learn More
Blog | Jun 17, 2020 10 factors for Cloud Security during selection and implementation Cloud security during selection and implementation that considers data governance, data security, and remote workforce's usage of technology. Learn More
Blog | Jun 16, 2020 Do I have to be PCI compliant? This article offers PCI DSS information to help you answer, "Do I have to be PCI compliant?", explains the QSA's role and how to avoid heavy fines. Learn More
Blog | Jun 11, 2020 Does HIPAA apply to me? "Does HIPAA Apply to Me?" answers if your organization must be HIPAA compliant and how to adhere to HIPAA Rules for protected health information (PHI). Learn More
Blog | Jun 10, 2020 VMWare Tools Vulnerability Allows Administrative Access This threat report is about VMware tools vulnerability CVE-2020-3957 that can allow an attacker to gain administrative level privileges on a system. Learn More
Blog | Jun 9, 2020 Password Spray Attack Q&A with a Penetration Tester Learn from a pen testing expert about the password spray attack hackers use to gain account access and how to protect against this type of cyber attack. Learn More
Threat Report | Jun 8, 2020 Ragnar Locker Ransomware New Evasion Technique This threat report is about the Ragnar Locker ransomware and a new defense evasion technique using virtual machines and running VirtualBox in headless mode. Learn More
Blog | Jun 3, 2020 PCI DSS business as usual: The pandemic proved why businesses should adhere PCI DSS Business as Usual is the best way to ensure you're protecting credit card data as part of regular operations. The pandemic proved this. Learn how. Learn More
Blog | Jun 2, 2020 Monitoring Telework Security with Disappearing Network Perimeters Establishing ways of monitoring telework security with disappearing network perimeters, securing endpoints, and considering employee privacy is crucial. Learn More
Blog | May 28, 2020 5 Considerations for writing New Remote Workforce Policies and Procedures Writing new remote workforce policies and procedures for cybersecurity requires special considerations, which we explore in this article. Learn More
Blog | May 27, 2020 3 differences in Incident Response for a new remote workforce Explore incident response for a new remote workforce and how to prepare for an incident response team (IRT) responding to a security incident. Learn More
Blog | May 27, 2020 Ramsay Malware targets Windows OS This threat report is about Ramsay malware that targets Windows operating system hosts to steal valuable intelligence for espionage-related reasons. Learn More
Blog | May 26, 2020 Gauging Risk Tolerance for Remote Workforce Security versus Privacy As organizations adjust to and consider permanently adopting a telework model, they must consider the privacy vs. remote workforce security implications. Learn More
Blog | May 21, 2020 The Importance of Identity Management and Governance for Telework Security The importance of identity management and governance for telework security was revealed with the shift to telecommuting for pandemic response. Learn more. Learn More
Blog | May 19, 2020 The Business Continuity Shift: Ensuring Telework Security Ensuring telework security means going beyond most existing BCPs to address unprecedented considerations in protecting a majority virtual work environment. Learn More
Blog | May 18, 2020 Critical Palo Alto firewall vulnerabilities identified This threat report is about critical Palo Alto firewall vulnerabilities PAN-SA-2020-0005 PAN-OS, PAN-SA-2020-0006 PAN-OS, CVE-2020-2018, and CVE-2020-2005. Learn More
Blog | May 14, 2020 10 Ways Using SIEM Technology can automate fulfilling HIPAA Regulations SIEM technology can automate fulfilling HIPAA regulations to help healthcare organizations achieve compliance and improve their security posture. Learn how. Learn More
Blog | May 12, 2020 Newly discovered SolarWinds MSP Vulnerability presents nation-state threat This threat report is about a recently discovered SolarWinds MSP patch management engine (PME) vulnerability called CVE-2020-12608. Learn More
Blog | May 12, 2020 Using MITRE ATT&CK Framework for Beyond-Checkbox Cybersecurity Using the MITRE ATT&CK framework helps cybersecurity teams get insight into the tactics, techniques, and procedures adversaries use to compromise networks. Learn More
Blog | May 7, 2020 4 Security precautions before reintroducing devices to the network During the transition back to office environments, organizations should take these four security precautions before reintroducing devices to the network. Learn More
Blog | May 6, 2020 Achieve Secure Cloud Adoption using HITRUST We explain how using HITRUST to achieve secure cloud adoption helps assign responsibility for security controls between businesses and third-party vendors. Learn More
Blog | May 5, 2020 3 things for HIPAA Compliance when returning to normal operations Here are things your workers responsible for protecting the privacy of PHI at all times should do for HIPAA compliance when returning to normal operations. Learn More
Blog | May 4, 2020 VMWare ESXI Vulnerability Allows Malicious Code Injection Learn about CVE-2020-3955, a VMWare ESXI vulnerability caused by the improper validation of user-supplied inputs, and what to do to protect your business. Learn More
Blog | Apr 30, 2020 HIPAA Encryption Requirements & Standards For 2022 Learn everything you need to know about successfully complying with HIPAA encryption standards and requirements to protect ePHI. Learn More
Threat Report | Apr 21, 2020 Threat Report: APT41 using Speculoos to exploit Citrix Vulnerability APT41 using Speculoos, a custom-coded backdoor trojan, to exploit a well-known Citrix vulnerability is dangerous for users. Learn why. Learn More
Threat Report | Feb 3, 2020 Ragnorak and Eternal Blue Exploit CVE-2019-19781 This report is about a ransomware campaign that utilizes Ragnorak and Eternal blue to exploit the heavily reported vulnerability CVE-2019-19781. Learn More
Threat Report | Dec 5, 2019 Dexphot Polymorphic Malware Report on Dexphot polymorphic malware, whose campaign is to cryptomine but which deploys a sophisticated approach that makes detection and deploying countermeasures difficult. Learn More
Threat Report | Nov 26, 2019 Firefox Vulnerability and Fake Tech support page scammers A report on the Firefox vulnerability and the fake technical support page scam that attempts to steal credentials, with our recommended countermeasures. Learn More