Threat Report | Mar 27, 2024 Phobos Ransomware There are concerns that LockBit may have developed a new version of their file-encrypting malware just prior to their takedown. Learn More
Blog | Mar 26, 2024 How to Prepare for Microsoft Copilot for Security Prepare for the launch of Microsoft Security Copilot as it marks an exciting development in cybersecurity preparedness and speed of remediation. Learn More
Threat Report | Mar 25, 2024 Flash Notice: Beware - FritzFrog Now Leveraging Log4Shell Vulnerability The FritzFrog botnet has returned with a new arsenal, leveraging the Log4Shell vulnerability alongside PwnKit to infiltrate networks. Learn More
Threat Report | Mar 22, 2024 Flash Notice: Two Critical Vulnerabilities Patched by Ivanti This week, Ivanti patched two critical vulnerabilities, tracked as CVE-2023-41724 (CVSS 9.6) and CVE-2023-46808 (CVSS 9.9). Learn More
Threat Report | Mar 18, 2024 LockBit 4.0? - An Update on the LockBit Ransomware Group There are concerns that LockBit may have developed a new version of their file-encrypting malware just prior to their takedown. Learn More
Threat Report | Mar 18, 2024 Flash Notice: Three Critical Fortinet Vulnerabilities Found in Several Products Three critical vulnerabilities have been found in several Fortinet products last week. Learn More
Threat Report | Mar 18, 2024 Flash Notice: Microsoft Patches HyperV and Exchange Vulnerabilities Microsoft has issued patches for over 60 vulnerabilities across its Windows ecosystem. Of particular concern are two critical HyperV vulnerabilities. Learn More
Threat Report | Mar 8, 2024 Flash Notice: High Severity Cisco Secure Client CRLF Injection Vulnerability A vulnerability, tracked as CVE-2024-20337 (CVSS 8.2), has been found in Cisco Secure Client. Learn More
Threat Report | Mar 8, 2024 Flash Notice: Vulnerabilities Impacting Pixel Phones and Sunhillo SureLine Software CISA has issued a critical alert regarding recently discovered vulnerabilities affecting Pixel phones and Sunhillo SureLine software. Learn More
Threat Report | Mar 8, 2024 Flash Notice: Critical Vulnerabilities Found in Several VMware Products VMware has released critical updates addressing 4 vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) across its products. Learn More
Threat Report | Mar 6, 2024 Flash Notice: Two Vulnerabilities Found in JetBrains' TeamCity On-Premises Exploited by Attackers A critical authentication bypass vulnerability (CVE-2024-27198 – CVSS 9.8) has been found in TeamCity CI/CD servers by JetBrains. Learn More
Threat Report | Mar 4, 2024 Flash Notice: Patch Now - Lazarus Exploits Windows Kernel Vulnerability Microsoft has recently patched a Windows Kernel privilege escalation flaw, tracked as CVE-2024-21338 (CVSS 7.8). Learn More
Threat Report | Feb 29, 2024 Flash Notice: Two High-Severity Vulnerabilities Found in Cisco NX-OS Software Two critical vulnerabilities (CVE-2024-20267 and CVE-2024-20321) have been found in Cisco NX-OS Software, impacting various Nexus series switches. Learn More
Blog | Feb 29, 2024 Simplify Data Governance in Healthcare with Microsoft Purview: A Strategic Guide for Security Professionals Dive into how adopting a unified data governance approach becomes crucial to seamlessly integrate, scale, and flexibly address your evolving data needs. Learn More
Threat Report | Feb 28, 2024 Everything You Need to Know About the Data Extortion Group, Snatch This Threat Intelligence Report looks at the Snatch data extortion group's tactics + techniques, as well as recommendations on how organizations stay safe. Learn More
Blog | Feb 22, 2024 The Clock is Ticking to Become PCI 4.0 Compliant A one-size-fits-all approach to PCI compliance is no longer practical for healthcare organizations. Take a look at the most recent iteration, PCI 4.0. Learn More
News | Feb 21, 2024 UK Law Enforcement Appears to Take Over Hacker Group Website Barron's - A message appeared on the site of ransomware specialist LockBit on Monday evening stating that it was 'now under control of law enforcement'. Learn More
Threat Report | Feb 21, 2024 Flash Notice: UPDATE - Patch Now - Maximum Security ConnectWise ScreenConnect Vulnerability UPDATED on 2/28/2024 - ConnectWise has issued a security advisory urging all ScreenConnect server admins to apply patches immediately to mitigate a severe RCE vulnerability. Learn More
Threat Report | Feb 15, 2024 Flash Notice: UPDATE - Critical Vulnerability Exploited in Microsoft Exchange Server UPDATED 2/23/2024 - Microsoft has recently confirmed the active exploitation of a critical vulnerability (CVE-2024-21410) in their Exchange Server. Learn More
Threat Report | Feb 15, 2024 Flash Notice: Microsoft Addresses Two Zero-Day Vulnerabilities Exploited by Attackers - Patch Now As part of patch Tuesday, Microsoft has responded to security concerns by providing fixes for a total of 72 vulnerabilities, including two zero-days. Learn More
Threat Report | Feb 14, 2024 Social Engineering Threats in Healthcare This Threat Intelligence Report looks at social engineering threats in the healthcare space and what organizations can do to remain safe. Learn More
Threat Report | Feb 9, 2024 Flash Notice: Patch Now - Critical Out-of-Bounds Write Vulnerability in FortiOS FortiGuard just released an advisory for a critical out-of-bounds write vulnerability (CVE-2024-21762) found in FortiOS. Learn More
Threat Report | Feb 7, 2024 Flash Notice: Critical Security Flaw Affecting JetBrains' TeamCity On-Premises Servers A critical vulnerability (CVE-2024-23917) was found in JetBrains’ TeamCity On-Premises servers. Learn More
Threat Report | Feb 7, 2024 Flash Notice: UPDATE - The National Vulnerability Database's Error Concerning Fortinet Investigation reveals two Fortinet vulnerabilities, CVE-2024-23108 & CVE-2024-23109, aren't new; rather, they are duplicates of a previous vulnerability. Learn More
Blog | Feb 6, 2024 Microsoft Entra ID: A Paradigm Shift in Identity Access Management (IAM) for Healthcare Organizations Discover what emerging cyber threats are predicted and the defense strategies recommended for healthcare organizations facing these threats head-on. Learn More
Threat Report | Feb 1, 2024 Flash Notice: UPDATE - New Zero-Day Found in Ivanti's Connect Secure, Policy Secure, and ZTA Gateways UPDATED 2/12/24 - Ivanti has issued a critical advisory regarding two newly discovered vulnerabilities affecting its Connect Secure + Policy Secure products. Learn More
News | Jan 31, 2024 Schneider Electric Hit by Ransomware Attack Against its Sustainability Business Division Cybersecurity Dive - Cactus ransomware reportedly claimed credit for the attack, and the company hopes to restore operations in the next couple of days. Learn More
Threat Report | Jan 31, 2024 A Look into NoEscape Ransomware In less than a year, NoEscape has become a remarkable Ransomware-as-a-Service (RaaS) group. This report will dive into the group’s tactics and techniques. Learn More
Threat Report | Jan 30, 2024 Flash Notice: Critical Vulnerability Found in Fortra’s GoAnywhere MFT Software A critical vulnerability (CVE-2024-0204) was found in Fortra’s GoAnywhere Managed File Transfer (MFT) software. Learn More
Threat Report | Jan 23, 2024 Flash Notice: UPDATE - Hello Kitty Ransomware Group Exploiting Critical Vulnerability in Apache ActiveMQ UPDATE (1/23/2024) - This week, cybersecurity researchers are sounding the alarm regarding CVE-2023-46604, an Apache ActiveMQ Learn More
Threat Report | Jan 23, 2024 Flash Notice: Critical Atlassian Confluence Vulnerability Exploited by Attackers A critical remote code execution vulnerability (CVE-2023-22527), found in outdated Atlassian Confluence servers, is currently being exploited by attackers. Learn More
Threat Report | Jan 19, 2024 Flash Notice: Google Memory Corruption Zero-Day Exploited by Attackers This week, Google patched a high-severity zero-day vulnerability (CVE-2024-0519) actively exploited in Chrome. Learn More
Threat Report | Jan 18, 2024 Flash Notice: Citrix NetScaler ADC and Gateway Vulnerabilities Exploited by Threat Actors - Patch Now This week, Citrix’s NetScaler ADC and NetScaler Gateway products are under active attack thanks to two zero-day vulnerabilities. Learn More
Threat Report | Jan 18, 2024 Trust With Caution - Trust Relationship Vulnerabilities + Solutions: A Guide Within network management, trust relationships form the backbone of seamless access across interconnected domains. This guide dives into the details. Learn More
Threat Report | Jan 17, 2024 Flash Notice: Juniper Networks Addresses Critical RCE Vulnerability (CVE-2024-21591) in SRX Firewalls and EX Switches Juniper Networks has patched a critical pre-authentication RCE vulnerability (CVE-2024-21591), affecting Junos OS on SRX firewalls and EX switches. Learn More
Threat Report | Jan 16, 2024 Flash Notice: Critical GitLab Vulnerability Exploited by Attackers A critical vulnerability (CVE-2023-7028) was found in GitLab Community Edition (CE) and Enterprise Edition (EE). Learn More
Threat Report | Jan 12, 2024 Flash Notice: UPDATE - Ivanti Zero Days Exploited by Chinese Threat Actors UPDATE (1/18/2024) - This week, it is being reported that the zero-day vulnerabilities affecting Ivanti are under massive exploitation. Learn More
Threat Report | Jan 2, 2024 Avertium's End of the Year Recap - 2023 Avertium's 2023 Threat Intelligence recap explores last year's most discussed cyber threats and anticipates what organizations can expect in 2024. Learn More
Threat Report | Jan 2, 2024 Flash Notice: Barracuda's ESG Appliances Hacked by Chinese Threat Actors A zero-day vulnerability in Barracuda’s Email Security Gateway (ESG) appliances has been exploited by Chinese threat actors. Learn More
Blog | Dec 28, 2023 Looking Ahead at the Cybersecurity Landscape for Healthcare in 2024 Discover what emerging cyber threats are predicted and the defense strategies recommended for healthcare organizations facing these threats head-on. Learn More
Threat Report | Dec 21, 2023 Flash Notice: Thirteen Critical Vulnerabilities Found in Ivanti Avalanche Thirteen vulnerabilities were found in the Ivanti Avalanche. Ivanti has recently issued security updates to address the critical vulnerabilities. Learn More
Threat Report | Dec 20, 2023 Flash Notice: Critical Outlook Vulnerability a Risk to User Data Microsoft has recently patched several critical vulnerabilities impacting Outlook: CVE-2023-23397, CVE-2023-35384, and CVE-2023-36710. Learn More
Threat Report | Dec 18, 2023 Flash Notice: Threat Actors Attempt to Exploit Apache Struts 2 - Patch Now This week, attackers are actively attempting to exploit a recently patched path traversal vulnerability (CVE-2023-50164) in Apache Struts 2. Learn More
Case Studies | Dec 14, 2023 University of Tennessee Medical Center Discover how Avertium helps the University of Tennessee Medical Center's security team continue to grow its cyber resilience while minimizing risk. Learn more
Threat Report | Dec 12, 2023 New Ransomware Strains - CACTUS and 3AM During Q4 of 2023, two new ransomware strains, CACTUS and 3AM, have emerged. We dive into the specifics of them, along with safeguarding recommendations. Learn More
News | Dec 11, 2023 Generating Risk: New Exposure from ChatGPT and Other AI Tools Risk Management Magazine - Discover the new exposures and risks from generative AI tools. | By Corey Reynolds Learn More
Threat Report | Dec 4, 2023 Flash Notice: Google Zero-Day Actively Exploited by Attackers This week, Google released security updates addressing seven security issues in its Chrome browser. Learn More
Threat Report | Nov 30, 2023 Flash Notice: Attackers Exploit ownCloud Vulnerability - Patch Now Attackers are actively exploiting a critical information disclosure vulnerability (CVE-2023-49103) within ownCloud, a widely used file sharing platform. Learn More
Threat Report | Nov 28, 2023 Understanding Distributed Denial of Service Attacks (DDoS) - A Guide In the ever-evolving landscape of cyber threats, Distributed Denial-of-Service (DDoS) attacks stand out as one of the most challenging threats. Learn More
Threat Report | Nov 20, 2023 Flash Notice: Microsoft Patches Several Zero-Day Vulnerabilities This week, Microsoft patched 6 vulnerabilities tracked as CVE-2023-36025, CVE-2023-36033, CVE-2023-36036, CVE-2023-36038, CVE-2023-36052, & CVE-2023-36413. Learn More
Threat Report | Nov 16, 2023 Flash Notice: Critical Vulnerability in VM Cloud Director - No Patch Available A critical vulnerability (CVE-2023-34060) has been found in VMware Cloud Director instances upgraded to version 10.5 from an older version. Learn More
Threat Report | Nov 14, 2023 Everything You Need to Know About Silent Skimming This report explains Silent Skimming, a financially motivated attack campaign, and helps you stay informed and secure during this holiday season. Learn More
Threat Report | Nov 14, 2023 Flash Notice: Threat Actors Exploiting SysAid Zero-Day Vulnerability This week, threat actors are actively exploiting a zero-day vulnerability (CVE-2023-47246) in the SysAid service management software. Learn More
Threat Report | Nov 9, 2023 Flash Notice: Veeam ONE Vulnerabilities Addressed Veeam ONE recently patched four critical vulnerabilities that exposed users to remote code execution attacks. Learn More
Threat Report | Nov 1, 2023 Flash Notice: Critical Atlassian Confluence Vulnerability, Could Result in Data Loss F5 Networks has released hotfixes to address critical vulnerabilities impacting its BIG-IP multi-purpose networking devices and modules. Learn More
Threat Report | Oct 31, 2023 An In-Depth Look at Rhysida Ransomware Rhysida ransomware has become a serious and mysterious threat to education + other sectors. This report explores the tactics & techniques used by Rhysida. Learn More
Threat Report | Oct 31, 2023 Flash Notice: F5 Networks - Critical BIG-IP Vulnerability F5 Networks has released hotfixes to address critical vulnerabilities impacting its BIG-IP multi-purpose networking devices and modules. Learn More
Threat Report | Oct 26, 2023 Flash Notice: Critical Out-of-Bounds Write Vulnerability Found in VMware vCenter VMware has patched a critical out-of-bounds write vulnerability, and a moderate-severity information disclosure flaw in its widely used software, vCenter. Learn More
Threat Report | Oct 24, 2023 You are the Weakest Link: Assessing Vulnerabilities and Solutions for Cybersecurity in Agriculture This report examines vulnerabilities in agriculture and discusses solutions for a sector that is unaccustomed to tech-related concerns. Learn More
Threat Report | Oct 24, 2023 Flash Notice: UPDATE - Okta Breached via Stolen Credentials - CloudFlare, 1Password, & BeyondTrust Also Impacted UPDATE (11/29/2023) - Okta Inc., an identity and access management company, disclosed its most recent security breach this week. Learn More
Threat Report | Oct 24, 2023 Flash Notice: Critical Vulnerabilities Found in SolarWinds Access Rights Manager (ARM) Eight previously unknown vulnerabilities have been found within SolarWinds' Access Rights Manager Tool (ARM). Learn More
Threat Report | Oct 20, 2023 Flash Notice: Critical Zero-Day Vulnerability Found in Citrix NetScaler This week, a critical zero-day vulnerability (CVE-2023-4966) found in Citrix NetScaler is being exploited by attackers. Learn More
Threat Report | Oct 18, 2023 Flash Notice: Critical Privilege Escalation Vulnerability in Cisco IOS XE A vulnerability targeting the Cisco IOS XE operating system has been identified, leaving upwards of 80,000 devices vulnerable to privilege escalation. Learn More
Threat Report | Oct 10, 2023 Flash Notice: "Looney Tunables" Bug Allows Root Access on Linux Distributions A vulnerability known as 'Looney Tunables' has been identified in the glibc, which can be leveraged by malicious actors on widely used Linux distributions. Learn More
Threat Report | Oct 6, 2023 Flash Notice: Critical Privilege Escalation Vulnerability in Confluence Data Center and Server A critical vulnerability, tracked as CVE-2023-22515, has been discovered in on-premise installations of Confluence Server and Confluence Data Center. Learn More
Threat Report | Oct 3, 2023 Understanding Business Email Compromise (BEC) - A Guide This report takes a deep dive into Business Email Compromise (BEC) attacks, how they work, what attack methods are used, and how to put defenses in place. Learn More
Threat Report | Oct 2, 2023 Flash Notice: Two Critical Vulnerabilities Found in Progress Software's WS_FTP Server Secure File Transfer Software Two critical vulnerabilities (CVE-2023-40044 & CVE-2023-42657) have been found in Progress Software’s WS_FTP Server secure file transfer software. Learn More
Threat Report | Sep 29, 2023 Flash Notice: Critical Vulnerability Found in Cisco's IOS and IOS XE Software A medium-severity flaw (CVE-2023-20109) was found in Cisco’s IOS and IOS XE software related to the Group Encrypted Transport VPN (GET VPN) feature. Learn More
Ebook | Sep 29, 2023 The Decline in Ransomware in 2023 + The Threats Ahead Uncover the reasons behind the decline of ransomware attacks in organizations and what this could mean for the future of cybersecurity. Learn More
Threat Report | Sep 28, 2023 Flash Notice: Zero-Day Vulnerability in Libwebp - Exploited in the Wild A severe security flaw, tracked as CVE-2023-5129, has been discovered in the libwebp image library – a critical component for rendering WebP format images. Learn More
Threat Report | Sep 26, 2023 MGM/Caesars Post-Mortem and Attribution This threat report explores the details of the recent cyber-attack on MGM International's resorts and casinos, as well as who may have been responsible. Learn More
Blog | Sep 25, 2023 Why Partnering with an MSSP is Crucial for Microsoft Intune Success Discover Microsoft Intune: Your key to efficient IT management + data security. Learn its benefits, challenges, + why partnering with an MSSP is essential. Learn More
Threat Report | Sep 25, 2023 Flash Notice: Apple Patches Three Critical Zero-Day Vulnerabilities This week, Apple addressed and patched three critical zero-day vulnerabilities that pose a significant threat to all Apple product users. Learn More
Threat Report | Sep 21, 2023 Flash Notice: Thousands of Juniper Firewalls Vulnerable to RCE Flaw This week, 12,000 Juniper SRX firewalls and EX switches were found to be vulnerable to a remote code execution flaw tracked as CVE-2023-36845. Learn More
Threat Report | Sep 21, 2023 Flash Notice: Patch Now - Trend Micro Zero-Day Exploited by Attackers, Impacts Endpoint Security Products Trend Micro has issued an advisory concerning a severe vulnerability impacting Apex One and several endpoint security products Learn More
Threat Report | Sep 19, 2023 Ransomware Groups Pivoting Away from Encryption This Threat Intelligence Report examines ransomware groups that have shifted their focus towards data extortion & explores the reasons behind this change. Learn More
Threat Report | Sep 14, 2023 Flash Notice: Microsoft Patches Two Zero-Day Vulnerabilities This week, Microsoft fixed two zero-day vulnerabilities tracked as CVE-2023-36761 and CVE-2023-36802. Learn More
Threat Report | Sep 13, 2023 Flash Notice: Google Chrome Zero-Day Exploited by Attackers This week, Google released an emergency security update to fix a critical zero-day vulnerability (CVE-2023-4863) found in Google Chrome. Learn More
Threat Report | Sep 12, 2023 Monti Ransomware This report is about Monti ransomware, their tactics and techniques, and their motive for attack. Learn More
Threat Report | Sep 12, 2023 Flash Notice: UPDATE - Critical Vulnerability in Apache RocketMQ Exploited in the Wild UPDATE (1/8/2024) - A vulnerability (CVE-2023-33246 and CVE-2023-37582) has been found in Apache RocketMQ servers. Learn More
Threat Report | Sep 8, 2023 Flash Notice: PATCH NOW - Two Zero-Day Vulnerabilities Impact Apple Products Two zero-day vulnerabilities have been found in all Apple products – this includes the iPad, Apple Watch, macOS, and iPhone. Learn More
Threat Report | Sep 6, 2023 New Ransomware Strains - CryptNet, Mallox, and Xollam CryptNet, Mallox, & Xollam are new ransomware strains with operators that have intensified the way they attack, posing new challenges for cyber experts. Learn More
Threat Report | Aug 31, 2023 Flash Notice: Two Vulnerabilities Found in Aria Operations for Networks This week, VMware fixed two vulnerabilities (CVE-2023-34039 and CVE-2023-20890) found in Aria Operations for Networks. Learn More
Blog | Aug 30, 2023 What Does the Microsoft e5 License Mean for Your Cybersecurity? Your Microsoft E5 license investment has various dimensions. Examine its implications for your cybersecurity posture and uncover how to maximize its value. Learn More
Threat Report | Aug 29, 2023 How the SEC's Proposed Security Rules Could Impact Businesses The SEC proposed new regulations in March 2022 and 2023 that would, in part, require investors be informed about how cybersecurity risks are being managed. Learn More
Threat Report | Aug 22, 2023 Understanding Ransomware-as-a-Service (RaaS) - A Guide This report explores the ransomware-as-a-service (RaaS) model and how organizations can harden their defenses against the threat actors who leverage it. Learn More
News | Aug 18, 2023 How Ransomware Has Caused Patient Deaths and Taken a Toll on Emergency Rooms Electronic Health Reporter - In recent years, cases of patients whose deaths have been linked to ransomware attacks have started to emerge. Learn More
Threat Report | Aug 18, 2023 Flash Notice: Patch Now - High Severity Vulnerability Found in OpenNMS A vulnerability (CVE-2023-0871) with a CVSS score of 8.8 has been discovered in both versions of OpenNMS. Learn More
News | Aug 15, 2023 Potential Pitfalls for Public Companies Due to SEC's New Cybersecurity Rules Law.com - Some 16 months after first proposing rules for public companies and investment advisors, the SEC adopted new rules. Learn More
Threat Report | Aug 15, 2023 AI and Cybersecurity: Is There a Balance Between AI and Privacy? If strong security measures are in place, it’s possible to successfully utilize AI while safeguarding personal & corporate data. Let's explore the balance. Learn More
Threat Report | Aug 10, 2023 Flash Notice: Two Microsoft Zero-Day Vulnerabilities Exploited by Attackers This week, Microsoft patched two zero-day vulnerabilities (CVE-2023-36884 and CVE-2023-38180). Learn More
Threat Report | Aug 8, 2023 Unraveling Scattered Spider: A Stealthy and Persistent Threat Actor Targeting Telecom Networks This TIR explores Scattered Spider - a financially motivated bad actor known for its clever use of social engineering tactics to infiltrate target devices. Learn More
Threat Report | Aug 4, 2023 Flash Notice: Critical Vulnerability Found in Ivanti's MobileIron Core A critical vulnerability with a CVSS score of 10 was discovered in outdated versions of Ivanti's MobileIron Core, aka Ivanti Endpoint Manager Mobile (EPMM) Learn More
Threat Report | Aug 1, 2023 Flash Notice: UPDATE - Ivanti Endpoint Manager Mobile Zero-Day Exploited by Attackers UPDATE (8/1/2023) - This week, a second zero-day vulnerability (CVE-2023-35081) was discovered in EPMM. Learn More
Threat Report | Aug 1, 2023 The Double Extortion Group, 8Base Meet 8Base, a stealthy ransomware group that evaded detection for over a year, only to resurface with an alarming surge in operations during May & June '23. Learn More
Threat Report | Jul 31, 2023 Flash Notice: OpenSSH Flaw Could be Exploited by Attackers A vulnerability was found (CVE-2023-38408) in OpenSSH, the widely used secure networking suite for encrypted data transfer and remote logins. Learn More
Blog | Jul 27, 2023 The Move from Reactive GRC to Proactive GRCaaS Organizations face the daunting challenge of ensuring compliance with an ever-increasing number of regulations and more – that's where GRCaaS comes in. Learn More
Threat Report | Jul 25, 2023 Evolution of Russian APT29 – New Attacks and Techniques Uncovered Discover APT29's latest exploits targeting diplomats in Ukraine and how you can protect your organization Learn More
Threat Report | Jul 20, 2023 Flash Notice: Critical Vulnerability in Citrix NetScaler ADC and NetScaler Gateway Citrix has issued an advisory warning customers about a high-severity vulnerability (CVE-2023-3519) affecting NetScaler ADC and NetScaler Gateway products. Learn More
Threat Report | Jul 18, 2023 An Update on the Pro-Russia Threat Actor, Killnet This report looks at Killnet and their most recent activity and why it is still important for organizations to keep an eye on this threat actor. Learn More
Threat Report | Jul 14, 2023 Flash Notice: RCE Vulnerability Found in Open-Source PDF Library Ghostscript A critical remote code execution (RCE) vulnerability, tracked as CVE-2023-36664, has been discovered in Ghostscript, an open-source interpreter. Learn More
News | Jul 13, 2023 Microsoft Azure Marketplace New Offers - June 29, 2023 Microsoft - See details of new Azure offerings, including Avertium's Connector for Microsoft Sentinel. Learn More
Threat Report | Jul 13, 2023 Flash Notice: Microsoft Zero-Day Exploited by Russian Threat Actor A remote code execution (RCE) vulnerability exists in Microsoft Office and Windows HTML. The vulnerability is tracked as CVE-2023-36884. Learn More
Threat Report | Jul 12, 2023 Threat Actor Profile - Cadet Blizzard This report examines Cadet Blizzard, their tactics & techniques, and how businesses can remain vigilant in protecting themselves against the threat actor. Learn More
Threat Report | Jul 10, 2023 Flash Notice: Patch NOW - Three New MOVEit Transfer Vulnerabilities Three new vulnerabilities, tracked as CVE-2023-36934, CVE-2023-36932, and CVE-2023-36933, were found in Progress Software’s MOVEit File Transfer software. Learn More
Threat Report | Jul 10, 2023 Flash Notice: StackRot, a New Linux Kernel Vulnerability A security vulnerability, tracked as CVE-2023-3269 or StackRot, has been discovered in the Linux kernel. Learn More
Threat Report | Jul 6, 2023 MOVEit Postmortem This report details the ongoing devastation caused by the MOVEit vulnerabilities and the threat actor targeting organizations. Learn More
Threat Report | Jun 27, 2023 How Ransomware Has Caused Patient Deaths in Healthcare Let’s explore how ransomware has caused patient deaths in healthcare and how disrupted care impacts neighboring Emergency Departments. Learn More
Blog | Jun 26, 2023 Explore Positive Applications and Potential Risks of AI in Cybersecurity The advancement of artificial intelligence (AI) has brought about significant improvements in various industries, especially in cybersecurity. Learn More
Threat Report | Jun 22, 2023 Flash Notice: Critical VMware Vulnerability Exploited in the Wild A recently patched critical VMware vulnerability is now being exploited in the wild. CVE-2023-20887 is a command injection vulnerability. Learn More
Threat Report | Jun 21, 2023 Flash Notice: Critical Vulnerabilities Impact ASUS Routers This week, ASUS issued a firmware update to address vulnerabilities across 19 of its wireless router models. Learn More
Threat Report | Jun 21, 2023 Analyzing Embedded Files in Malicious OneNote Documents Several threat families including IcedID, QakBot, AsyncRat, AgentTesla, have been observed abusing OneNote documents. Learn More
News | Jun 15, 2023 Becoming an MSSP is Hard. Partnering With One Could be a Better Answer CRN - SP's looking to bring managed security services to their customers are finding growing options to do so through the channel community. Learn More
News | Jun 15, 2023 MSSPs on Why MDR Isn't Always Enough CRN - Many MSSP executives say a typical MDR offering is not nearly as comprehensive as the full complement of cyber services they offer. Learn More
Threat Report | Jun 15, 2023 Flash Notice: Microsoft Patches High-Severity and Critical Vulnerabilities This week, Microsoft released security updates for several vulnerabilities, honing in on four in particular Learn More
Threat Report | Jun 13, 2023 Flash Notice: UPDATE - Critical Fortinet Heap-Based Overflow RCE Vulnerability Patched UPDATE (7/6) - A critical heap-based buffer overflow vulnerability (CVE-2023-27997) was found in Fortinet FortiOS and FortiProxy SSL-VPN. Learn More
Threat Report | Jun 13, 2023 Insider Threats in Healthcare Whether intentional or negligent, let’s explore insider threats in healthcare and how healthcare organizations can remain safe. Learn More
Threat Report | Jun 7, 2023 Flash Notice: Google Patches Chrome Type Confusion Zero-Day Exploited by Attackers A zero-day vulnerability (CVE-2023-3079) was found in Google’s Chrome web browser and is actively being exploited in the wild. Learn More
Threat Report | Jun 6, 2023 Volt Typhoon: Targeted Attacks on U.S. Critical Infrastructure Recently identified activity associated with state-sponsored threat actor Volt Typhoon has impacted critical infrastructure networks across the U.S. Learn More
Threat Report | Jun 2, 2023 Flash Notice: SECOND UPDATE - Critical MOVEit File Transfer Zero-Day Vulnerability Exploited by Attackers NEW UPDATE (6/16/2023) - Last night, Progress published an advisory notifying users of another critical MOVEit Transfer vulnerability: CVE-2023-35708. Learn More
Threat Report | May 31, 2023 An In-Depth Look at Cuba Ransomware Cuba ransomware first appeared in 2019 but remained nearly unnoticed until November 2021. Let's take a look at their recent attacks, tactics, & techniques. Learn More
Threat Report | May 30, 2023 Flash Notice: UPDATE - Barracuda Zero-Day Vulnerability Exploited in the Wild - Customers Urged to Patch ESG Appliances UPDATE (6/16/2023) - This week, users are discovering a new issue linked to CVE-2023-2868, the Barracuda ESG Zero-Day Vulnerability. Learn More
Threat Report | May 24, 2023 Flash Notice: Vulnerabilities Found in Mitsubishi Electric MELSEC Series Products This week, two vulnerabilities (CVE-2023-1618 and CVE-2023-1424) were found in Mitsubishi Electric MELSEC Series Products. Learn More
Webinar | May 24, 2023 The Impact of AI on the Cybersecurity Landscape Join Avertium and Microsoft Security for a discussion on what AI means for the future of cybersecurity and how AI in cyber can impact different industries. Watch Now
Threat Report | May 23, 2023 The Money Message Group - A New Ransomware Threat A new ransomware group, known as Money Message, has been observed encrypting network shares and targeting both Windows and Linux operating systems. Learn More
Threat Report | May 16, 2023 A Deeper Look into the PaperCut Vulnerabilities This report takes a deeper look into two PaperCut vulnerabilities - CVE-2023-27350 and CVE-2023-27351 - and the threat actors who are exploiting them. Learn More
Threat Report | May 11, 2023 Flash Notice: Secure Boot Zero-Day Exploited by BlackLotus UEFI Malware Microsoft has issued security updates for a Secure-Boot zero-day (CVE-2023-24932) that has been exploited by BlackLotus UEFI malware in the wild. Learn More
Threat Report | May 9, 2023 Ransomware - Akira and Rapture This month has seen activity from two lesser-known ransomware groups that are not currently in the spotlight. Let’s look at them - Akira and Rapture. Learn More
Threat Report | May 5, 2023 Flash Notice: Oracle Opera Vulnerability Impacts Hotel Chains A vulnerability (CVE-2023-21932) was found in Oracle Opera – a property management system that is widely used in large resort and hotel chains. Learn More
Threat Report | May 2, 2023 Lazarus and the 3CX Double Software Supply Chain Attack In March 2023, threat actors compromised the desktop application of 3CX in a supply chain attack. Researchers were able to attribute the attack to Lazarus. Learn More
Blog | Apr 28, 2023 SEC’s Role in the Shift Towards Greater Transparency in Cybersecurity SEC proposed new regulations in March 2022 and 2023 to promote transparency and encourage public companies/covered entities to take cyber risks seriously. Learn More
Threat Report | Apr 28, 2023 Flash Notice: PaperCut - Patch Now, Critical Printer Software Vulnerabilities Exploited in the Wild Two vulnerabilities tracked as CVE-2023-27350 and CVE-2023-27351 have been found in PaperCut, a print management software solution used by over 100M users. Learn More
News | Apr 27, 2023 Kelly Bissell Joins Avertium as Board Advisor Microsoft Corporate Vice President adds Microsoft Security expertise to Cyber Fusion Company. Learn More
Threat Report | Apr 26, 2023 Can Someone With No Programming Experience Write Ransomware Using ChatGPT? Two team members with no programming experience were able to successfully manipulate ChatGPT into writing ransomware encryptors. Let's go into the details. Learn More
News | Apr 24, 2023 Avertium Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2023 Officials with Avertium, a cyber fusion company, are proud to announce recent Global InfoSec awards from Cyber Defense Magazine (CDM). Learn More
Blog | Apr 20, 2023 Am I ready for a PCI ROC? This post answers PCI Report on Compliance (ROC) questions, helps you determine if you're ready, and gives tips for doing a PCI readiness assessment. Learn More
Threat Report | Apr 18, 2023 An Avertium Case Study - LockBit This report looks at the tactics and techniques leveraged by LockBit’s affiliates + how subpar security can serve as an entry point for threat actors. Learn More
Threat Report | Apr 18, 2023 Flash Notice: Actively Exploited Zero-Day Vulnerability in Google Chrome A zero-day vulnerability was found in Google Chrome. CVE-2023-2033 is a high-severity type confusion vulnerability in the V8 JavaScript engine. Learn More
Threat Report | Apr 14, 2023 Flash Notice: Critical Vulnerability Found in Windows Queuing Middleware Service A critical vulnerability (CVE-2023-21554) was disclosed by Check Point researchers in the Windows Message Queuing (MSMQ) middleware service this week. Learn More
Threat Report | Apr 12, 2023 Flash Notice: Windows Zero-Day Actively Exploited by Ransomware Group A zero-day vulnerability (CVE-2023-28252) was found in the Windows Common Log File System (CLFS) and is being actively exploited. Learn More
Threat Report | Apr 11, 2023 APT Winter Vivern Resurfaces in 2023 The APT Winter Vivern was recently seen exploiting a Zimbra software vulnerability in an ongoing cyber espionage campaign. Learn More
Threat Report | Apr 11, 2023 Flash Notice: Two Apple Zero Days Exploited in the Wild Two zero-day vulnerabilities were recently discovered in certain iPhones, Macs, and iPads. Avertium recommends that users update their Apple devices ASAP. Learn More
Threat Report | Apr 4, 2023 An In-Depth Look at Mirai & HinataBot Lately, the Mirai & HinataBot botnets have been the focus of discussion among security professionals. Let's explore their inner workings to understand why. Learn More
Guide | Mar 30, 2023 Essential Guide to HIPAA Compliance A complete guide to help you understand HIPAA compliance and the HIPAA Privacy, Security and Breach Notification Rules. Learn More
Case Studies | Mar 28, 2023 Internova Travel Group Discover how Avertium helps unburden Internova Travel Group's security team to have the space to start focusing on more strategic cybersecurity priorities. Learn more
Threat Report | Mar 28, 2023 BianLian Ransomware Changes Faces In this report we will examine the impact of the released decryptor for BianLian ransomware and why it is most likely only a temporary setback. Learn More
Threat Report | Mar 27, 2023 Flash Notice: Emergency Security Update Released for Windows 10 and 11 Snipping Tool Microsoft has released an emergency security update for “Acropalypse” (CVE-2023-28303). The vulnerability impacts the Windows 10 and 11 Snipping tool. Learn More
Blog | Mar 23, 2023 Everything You Need to Know About HIPAA Compliance Find information on HIPAA compliance + regulatory standards, frequently asked questions, and more with Avertium to stay prepared. Learn More
Blog | Mar 23, 2023 Threat Hunting Recognized by NIST as an Official Cybersecurity Discipline The NIST RA-10: Threat Hunting highlights the need for threat hunting as a component of a robust and maturing cybersecurity program for all company sizes. Learn More
Threat Report | Mar 21, 2023 Government & Law Enforcement Crack Down On Cybercrime Over the past 2 years, large ransomware groups like HIVE ransomware have been dismantled by law enforcement after several months or years of investigation. Learn More
Blog | Mar 17, 2023 Strengthening Cybersecurity: HITRUST CSF v11 2023 Updates HITRUST CSF v11 updates make it easier for organizations to use previous assessments to upgrade to higher levels of HITRUST assurance with less effort. Learn More
Threat Report | Mar 16, 2023 Flash Notice: Critical Outlook Vulnerability for Windows is Easy to Exploit A critical vulnerability (CVE-2023-23397) was found in Microsoft Outlook for Windows that could allow an attacker to remotely steal hashed passwords. Learn More
Threat Report | Mar 16, 2023 Compromising a Network Through Active Directory Certificate Services Let’s look at how ADCS misconfigurations can be used to elevate privileges & why it’s important for businesses to assess those potential misconfigurations. Learn More
Threat Report | Mar 15, 2023 Flash Notice: Fortinet FortiOS Vulnerability Exploited by Attackers This week, an unknown threat actor began exploiting a FortiOS vulnerability (CVE-2022-41328) that was patched this month. Learn More
Threat Report | Mar 13, 2023 Flash Notice: Critical Fortinet Vulnerability Impacts FortiOS and FortiProxy A critical vulnerability was found in Fortinet devices running FortiOS and FortiProxy. The vulnerability is tracked as CVE-2023-25610 and has a CVSS score Learn More
Threat Report | Mar 13, 2023 Flash Notice: High Severity Vulnerability Found in Veeam Backup and Replication A high-severity vulnerability has been discovered in Veeam Backup and Replication software, which supports virtual machines running on Hyper-V Learn More
News | Mar 8, 2023 Hackers Behind Oakland Ransomware Attack Dump Data on City Employees PC Mag -- The Play ransomware group publishes links to a 10GB database containing confidential information on numerous city employees. Learn More
Threat Report | Mar 7, 2023 2023 Ransomware Group Activity Trends In this Threat Intelligence Report, we look at this year’s ransomware group trends and what we can expect from the threat actors as we move forward. Learn More
Threat Report | Mar 6, 2023 Flash Notice: Patch Immediately - PoC Exploit Publicly Available for Microsoft Word RCE Vulnerability A proof-of-concept (PoC) exploit for CVE-2023-21716, a severe RCE vulnerability found in Microsoft Word, is now accessible to the public. Learn More
Threat Report | Mar 3, 2023 Flash Notice: Cisco IP Phone Vulnerabilities Cisco has released security updates for vulnerabilities impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. Learn More
News | Mar 2, 2023 Security Concerns Continue Surrounding Tik Tok WATE News -- Mike Wilkinson, director of digital forensics and incident response at Avertium, explains whether these security concerns are valid or not. Learn More
Blog | Mar 2, 2023 Securing the Customer Channel: 2 Critical Things for Retailers to Know Explore the challenges retailers face and take a look at 2 critical factors retailers must know to protect the customer channel and build trust with them. Learn More
Threat Report | Mar 1, 2023 Moving Beyond Email - Alternative Vehicles for Social Engineering Although email remains a common vehicle for social engineering attacks, threat actors have been utilizing other means to manipulate their targets. Learn More
Threat Report | Mar 1, 2023 Cyber Threats Unveiled: SSH Scanning and XorDDos Propagation This report discusses the apparently automated approach used by a threat actor to identify vulnerable hosts, install the XorDDoS bot, & launch DDoS attacks. Learn More
Threat Report | Feb 21, 2023 A Closer Look at QakBot Last week, Avertium's Cyber Threat Intelligence team published a Flash Notice regarding QakBot and its distribution of malware - let's take a closer look. Learn More
Threat Report | Feb 21, 2023 Flash Notice: Four Vulnerabilities Found in Cisco Security Products Two vulnerabilities were found in the Cisco ClamAV scanning library – an open-source cross-platform antimalware toolkit. Learn More
News | Feb 21, 2023 Avertium Recognized on CRN's 2023 MSP 500 List Avertium Ranks in Security Top 100 for Seventh Consecutive Year. Learn More
News | Feb 20, 2023 The Top Three Cyber Threats Defined in Manufacturing SME.com -- Staying on top of cyber threats is a critical step for manufacturers to establish resiliency and business continuity. Learn More
Threat Report | Feb 20, 2023 Flash Notice: Critical Vulnerabilities Found in FortiNAC and FortiWeb Fortinet released security updates for two critical vulnerabilities (CVE-2022-39952 and CVE-2022-42756) found in FortiNAC and FortiWeb products. Learn More
Threat Report | Feb 16, 2023 Threat Actors, Car Systems, and Weak API Security An API is typically behind any interaction between a vehicle and its user. The discovered vulnerabilities affected well-known brands such as Toyota, Mercedes, Porsche, Ferrari, and others. Learn More
Threat Report | Feb 16, 2023 Flash Notice: Microsoft Patches Three Zero-Day Vulnerabilities This week, Microsoft patched 3 zero-day vulnerabilities (CVE-2023-21715, CVE-2023-21823, & CVE-2023-23376) that are currently being exploited by attackers. Learn More
Threat Report | Feb 15, 2023 Flash Notice: Apple Patches Two Vulnerabilities, Including a Zero-Day In response to attacks aimed at hacking iPhones, iPads, & Macs, Apple issued urgent security updates that address two vulnerabilities - one a zero-day. Learn More
Blog | Feb 13, 2023 About Microsoft 365 E5 License including Defender for Endpoint Upgrading to Microsoft 365 E5 from E3 doesn't have to be a challenge. Here's what you need to know about Microsoft 365 E5 License, its use cases, & more. Learn More
Threat Report | Feb 10, 2023 Flash Notice: Beware - QakBot Group Infects Microsoft's OneNote with QakNote Malware The group TA577 or QakBot has been distributing malware to infect systems via OneNote files since January 31, 2023, with a spike in attacks just this week. Learn More
News | Feb 10, 2023 A Warning to Employers: Callback Phishing is on the Rise Venteur -- Phishing is getting much more sophisticated, because in some ways, it’s getting simpler. Learn More
Threat Report | Feb 7, 2023 Everything You Need to Know About Cross-Site Request Forgery (CSRF) Cross-Site Request Forgery (CSRF) is a method of attack where an external actor is communicating with an app on behalf of a user, without their knowledge. Learn More
Threat Report | Feb 6, 2023 Flash Notice: Thousands of Unpatched VMware Servers Hit by Two-Year Old Vulnerability This weekend ESXiArgs ransomware hit VMware servers & encrypted thousands of unpatched internet exposed ESXi systems through a 2-year old RCE vulnerability. Learn More
Threat Report | Feb 3, 2023 Flash Notice: Cisco Command-Injection Vulnerability Found in Production Equipment A command-injection vulnerability was found in Cisco’s production equipment. CVE-2023-20076 could allow unauthorized root-level access & RCE. Learn More
Threat Report | Feb 2, 2023 Flash Notice: Critical QNAP NAS Vulnerability A critical vulnerability was found in QNAP Systems’ network-attached storage (NAS) devices. CVE-2022-27596 is rated critical with a CVSS score of 9.8. Learn More
Threat Report | Jan 31, 2023 Everything You Need to Know About the Data Extortion Group RansomHouse RansomHouse is a fairly new operation that focuses on breaching networks via vulnerabilities to steal their targets’ data. Learn More
Blog | Jan 30, 2023 The Rise of Cyber Fusion – A Holistic Cybersecurity Approach What is cyber fusion? Cyber fusion refers to the unification of security functions to create a holistic approach to cybersecurity. Learn More
News | Jan 30, 2023 Hive Ransomware: Modern, Efficient Business Model Yahoo News -- The DOJ's shutdown of the Hive ransomware operation highlights how hacking has become an ultra-efficient, specialized industry. Learn More
Threat Report | Jan 24, 2023 Flash Notice: Apple Zero-Day Impacts Older iPhones and iPads An actively exploited iOS zero-day vulnerability (CVE-2022-42856) was found in older versions of Apple’s iPhones and iPads. Learn More
Threat Report | Jan 24, 2023 Flash Notice: UPDATE - Zoho ManageEngine Vulnerability Exploited in the Wild UPDATE: 2/27/2023 - A vulnerability (CVE-2022-47966) was found in two dozen Zoho ManageEngine products and is currently being exploited in the wild. Learn More
Blog | Jan 20, 2023 The Basics of Cybersecurity Maturity What does ‘maturity’ mean? Take a look at 3 basic steps you need to know to determine your cyber maturity + how that helps drive positive business impact. Learn More
Threat Report | Jan 18, 2023 CVE-2014-2383: LFI/RFI Escalation to RCE Avertium’s Threat Labs observed the presence of CVE-2014-2383 in a client environment. This TIR mimics the environment in which CVE-2014-2383 was exploited. Learn More
Threat Report | Jan 13, 2023 Flash Notice: Microsoft Patch Tuesday Addresses 11 Critical Vulnerabilities & 1 Zero-Day Microsoft recently released its Patch Tuesday fixes which included a patch for an actively exploited zero-day vulnerability, CVE-2023-21674. Learn More
Threat Report | Jan 11, 2023 Flash Notice: High-Severity JsonWebToken Library Vulnerability A vulnerability was found in the open source JsonWebToken (JWT) library that could allow an attacker to achieve remote code execution on a server. Learn More
Threat Report | Jan 10, 2023 MITM Attacks - EvilProxy and Evilginx EvilProxy is a phishing-as-a-service toolkit available on the dark web. Evilginx is another MITM framework used for phishing credentials & session cookies. Learn More
News | Jan 6, 2023 Who are LockBit Gang? The Group Behind the Ransomware and Apology to SickKids Hospital iHeartRadio | The Jerry Agar Show -- GUEST: Mike Wilkinson, Director of DFIR for cybersecurity firm Avertium, discusses SickKids Hospital attack & apology. Learn More
Threat Report | Jan 6, 2023 Flash Notice: High-Severity Fortinet Vulnerabilities Impact FortiTester and FortiADC Two high-severity vulnerabilities (CVE-2022-35845 and CVE-2022-39947) were found in Fortinet’s FortiADC and FortiTester. Learn More
Threat Report | Jan 5, 2023 Flash Notice: Zoho Manage Engine Vulnerability - Patch Now This week, Zoho disclosed a critical security vulnerability (CVE-2022-47523) impacting some of their ManageEngine products. Learn More
Threat Report | Jan 4, 2023 An In-Depth Look at Play Ransomware Play ransomware (aka PlayCrypt) is a new ransomware operation that launched in June 2022 and has amassed a steady stream of victims across the world. Learn More
Threat Report | Dec 29, 2022 Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution This week, VMware patched a critical vulnerability (CVE-2022-31705) impacting ESXi, Workstation, Cloud Foundation, and Fusion. Learn More
Threat Report | Dec 28, 2022 End of the Year Recap and What to Expect for 2023 In this end-of-year report, we look at this year's most talked about cyber threats and what organizations can expect for 2023. Learn More
Threat Report | Dec 20, 2022 TIR-20221219: Stay Vigilant with Cybersecurity During the Holidays This report looks at why organizations and individuals should be consistent with using cybersecurity best practices during the holiday season. Learn More
Threat Report | Dec 16, 2022 Flash Notice: Critical VMware Vulnerabilities This week, VMware patched a critical vulnerability (CVE-2022-31705) impacting ESXi, Workstation, Cloud Foundation, and Fusion. Learn More
News | Dec 15, 2022 Avertium Advances its Cyber Fusion Capabilities by Adding Microsoft Security Expertise Today, Avertium has announced the addition of Microsoft Security expertise to its team of threat defense professionals. Learn More
Threat Report | Dec 15, 2022 Flash Notice: Critical Remote Code Execution Vulnerability Found in SPNEGO An RCE Vulnerability found in the common Windows Protocol SPNEGO NEGOEX has been upgraded from a 3.1 CVSS score to an 8.1. Learn More
Threat Report | Dec 14, 2022 Flash Notice: Critical Citrix Zero-Day Exploited by Attackers A critical zero-day vulnerability (CVE-2022-27518) was found in Citrix ADC and Gateway. It is an unauthenticated remote code execution vulnerability. Learn More
Threat Report | Dec 13, 2022 Flash Notice: Critical Fortinet Zero-Day Vulnerability Exploited in the Wild A critical zero-day vulnerability (CVE-2022-42475) was found in multiple versions of Fortinet’s FortiOS SSL-VPN. Learn More
Threat Report | Dec 13, 2022 Everything You Need to Know About Royal Ransomware After emerging in January 2022, Royal ransomware is a ransomware strain that is being distributed by ransomware threat actors from previous operations. Learn More
Ebook | Dec 13, 2022 2023 Cybersecurity Landscape: 8 Lessons for Cybersecurity Professionals Guided by what we've learned in 2022, here are 8 cybersecurity lessons you can take into 2023 to prevent and recover from incoming threats. Learn More
Threat Report | Dec 7, 2022 Flash Notice: Google Patches Actively Exploited Zero-Day A zero-day vulnerability impacting all browser versions of Google Chrome (including Opera & Microsoft Edge) is being actively exploited by threat actors. Learn More
Threat Report | Dec 6, 2022 An Update on HIVE Ransomware Last month, CISA & the FBI released an advisory stating that HIVE ransomware attacks have continued, and they have attacked over 1300 businesses since 2021. Learn More
Threat Report | Dec 1, 2022 Flash Notice: Oracle Vulnerability Actively Exploited A patched vulnerability (CVE-2021-35587) found in Oracle’s Fusion Middleware Access Manager (OAM) is currently under active exploitation. Learn More
Threat Report | Nov 30, 2022 The Pitfalls of Online Chat Features There are ways for organizations to stay safe but continue to provide the convenience of an online chat feature on their site - let's take a look at them. Learn More
Threat Report | Nov 22, 2022 An In-Depth Look at the North Korean Threat Actor, ZINC In September, Microsoft observed the North Korean threat actor, ZINC, targeting individuals from the Infosec community on LinkedIn and Twitter. Learn More
Threat Report | Nov 18, 2022 Flash Notice: Two High-Severity Vulnerabilities Found in F5 BIG-IP and BIG-IQ Products This week, Rapid7 researchers discovered two high-severity vulnerabilities in F5 BIG-IP and BIG-IQ products running customized distribution of CentOS. Learn More
Ebook | Nov 17, 2022 Everything You Need to Know to Create An Effective Incident Response Plan Creating an effective response plan specific to your business is the best way to ensure you are ready to mitigate the effect of a cyberattack. Learn how. Learn More
News | Nov 16, 2022 Managed Security Services Market Worth $49.6 Billion by 2027, Report Says Security Systems News -- A report by MarketsandMarkets has predicted the growth of the managed security services market to an estimated $49 billion by 2027. Learn More
Threat Report | Nov 15, 2022 An Update on LockBit 3.0 This report looks at the recent activity of LockBit 3.0, their tactics and techniques, as well as the state of ransomware for 2022. Learn More
Threat Report | Nov 14, 2022 Flash Notice: Citrix and VMware Disclose Critical Vulnerabilities, Could Impact Remote Workspaces This week Citrix issued patches for 3 vulnerabilities impacting their Gateway & ADC products. VMware also warned customers about 3 critical vulnerabilities. Learn More
Threat Report | Nov 9, 2022 MFA Breaches & MFA Fatigue This Threat Intelligence Report looks at MFA attacks and what organizations can do to move toward better protection. Learn More
News | Nov 7, 2022 Avertium Names Bill Carroll New Chief Executive Officer Today, Avertium announced the appointment of Bill Carroll as the company’s new Chief Executive Officer. Learn More
Threat Report | Nov 2, 2022 Flash Notice: OpenSSL Project - Two High Severity Vulnerabilities Two critical vulnerabilities that were found in OpenSSL Project’s open-source cryptographic library have now been downgraded to high-severity. Learn More
Threat Report | Nov 1, 2022 An In-Depth Look at Lorenz Ransomware Emerging in 2021, Lorenz ransomware has targeted organizations worldwide, demanding thousands of dollars in ransom. Learn More
Threat Report | Oct 28, 2022 Flash Notice: Cisco VPN Vulnerabilities Exploited in the Wild This week, Cisco announced that there are two vulnerabilities affecting their AnyConnect product. They are being tracked as CVE-2020-3433 & CVE-2020-3153. Learn More
News | Oct 27, 2022 Avertium Named Microsoft Security Solutions Partner Avertium has been named a Microsoft Security Solutions Partner, an elite designation among cybersecurity companies. Learn More
Threat Report | Oct 25, 2022 Flash Notice: Windows Zero-Day Exploited - JavaScript Files Bypass Security Warnings A Windows zero-day vulnerability is allowing threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-web security warnings. Learn More
Threat Report | Oct 25, 2022 Iranian Cyber Threats - APT42 & HomeLand Justice CISA and the FBI recently warned that Iranian threat actors APT42 and HomeLand Justice have been consistently improving their offensive cyber capabilities. Learn More
Ebook | Oct 21, 2022 7 Common Indicators of a Phishing Attempt In this eBook, we dive into phishing and its most prevalent tactics as well as how to spot and stop attacks before they occur. Learn More
Webinar | Oct 19, 2022 Breaking Down Barriers with Detection-as-Code Join us as we discuss Avertium powered by SnapAttack, our process & methodology behind detection-as-code, and what integrated partnerships like this have to offer you and your business. Watch Now
Threat Report | Oct 19, 2022 “Microsoft Patches Zero-Days Impacting Microsoft Office and Windows” CVE-2022-41082 and CVE-2022-41040, now dubbed ProxyNotShell, are bugs that can be chained together and used to breach corporate networks. Learn More
Threat Report | Oct 18, 2022 An In-Depth Look at Russian Threat Actor, Killnet Russian hacktivists like Killnet are making threats against and attacking not only Ukraine, but the U.S. as well. Learn More
Blog | Oct 17, 2022 Reducing Ransomware Risk in Healthcare The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats. Learn More
Threat Report | Oct 11, 2022 An In-Depth Look at Vice Society Ransomware Threat actors like Vice Society know that education has a low rate of cyber insurance coverage, & it's likely a driving force behind their attacks on schools. Learn More
Blog | Oct 10, 2022 Flash Notice: Critical Fortinet Vulnerability Impacting Fortigate Firewalls and FortiProxy Web Proxies A critical Fortinet authentication bypass vulnerability tracked as CVE-2022-40684 exists in FortiGate firewalls and FortiProxy web proxies. Learn More
News | Oct 7, 2022 What $1B in Cybersecurity Funding Can Mean for US State, Local Governments Help Net Security -- How do you best spend a cybersecurity budget you have long been hoping you’d get? Learn More
News | Oct 7, 2022 Avertium Fusion MXDR Strengthens Threat Defense Intelligence for Microsoft Security Customers Help Net Security -- Avertium announced Fusion MXDR, a new service the security partner is providing for Microsoft Security customers. Learn More
News | Oct 7, 2022 Cybersecurity Conflict Russia and Ukraine - Paul Caiazzo, Avertium Techstrong TV -- Paul Caiazzo, advisor to Avertium, explains how the cybersecurity conflict between Russia & Ukraine is impacting the average organization. Learn More
News | Oct 7, 2022 5 Cyber Threats Facing the Education Sector Security Magazine -- Student and school community data has been targeted by cyberattackers throughout the past years. Learn More
News | Oct 7, 2022 Ukraine Under Assault Compass Knox -- Local observers offer personal and professional perspectives on Russia’s invasion and its ramifications. Learn More
News | Oct 6, 2022 Avertium's Fusion MXDR Gains Recognition for Innovation Avertium Wins “Security Response Solution of the Year” at 6th Annual International Cybersecurity Breakthrough Awards Learn More
Threat Report | Oct 4, 2022 Everything You Need to Know About Bumblebee Malware Bumblebee has been solidified as a highly sophisticated malware that is distributed via phishing email campaigns. Learn More
Blog | Oct 3, 2022 Flash Notice: UPDATE - Microsoft Exchange Double Zero-Day Vulnerabilities There are two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019: CVE-2022-41040 and CVE-2022-41082. Learn More
News | Sep 28, 2022 Tips to Keep Your Teen Safe on Social Media WATE News -- Social media: it’s a common way for predators to gain access to unsuspecting users, especially young ones. Learn More
Blog | Sep 28, 2022 Flash Notice: FARGO Ransomware Attacking Microsoft SQL Servers Vulnerable Microsoft SQL servers are currently being targeted by threat actors and infected with FARGO ransomware (aka Mallox & TargetCompany). Learn More
Threat Report | Sep 27, 2022 An In-Depth Look at APT35 aka Charming Kitten The Iranian advanced persistent threat actor and cyberespionage group, APT35, aka Charming Kitten or Phosphorus, has been making headlines since 2014. Learn More
Blog | Sep 22, 2022 Flash Notice: Update #2 - Critical Confluence Zero-Day Vulnerability Still Under Active Exploitation Although Atlassian released updates for critical Confluence vulnerability CVE-2022-26134 in June 2022, attackers are still compromising unpatched devices. Learn More
Threat Report | Sep 20, 2022 Everything You Need to Know About Callback Phishing This threat report looks at callback phishing, the threat actors who use the attack vector, and why organizations everywhere need to be on high alert. Learn More
Blog | Sep 15, 2022 Flash Notice: Windows Privilege Escalation Zero-Day Microsoft patched a high severity zero-day vulnerability this week that is now being tracked as CVE-2022-37969. Learn More
News | Sep 14, 2022 Emotet Resurfacing as Power Player in Ransomware Wars, Avertium Warns MSSP Alert -- Avertium, a Top 250 MSSP, has released a new threat intelligence report that takes a deep dive on the notorious Emotet botnet. Learn More
Blog | Sep 14, 2022 Flash Notice: Apple Fixes 8th Zero-Day Vulnerability This week, Apple released security updates to address a zero-day vulnerability (CVE-2022-32917) impacting iPhones and macOS. Learn More
Threat Report | Sep 13, 2022 The Top 5 Cyber Threats in the Energy Sector We look at the top 5 cyber threats within the energy sector + why energy companies need cybersecurity best practices to keep their cyber environments safe. Learn More
News | Sep 13, 2022 East Tennessee Tech Expert Shares Tips for Keeping Your Online Accounts Safe WBIR 10 News -- The CEO of a local IT company says you should manage your digital legacy the same way you would your physical legacy. Learn More
Threat Report | Sep 7, 2022 An In-Depth Look at the Emotet Botnet After 10 months of darkness, Emotet came back with a vengeance in 2021. In Q1 2022, Emotet re-emerged using new variants that employed old & new techniques. Learn More
Blog | Sep 7, 2022 Flash Notice: Google Patches Chrome Zero-Day A high-severity, zero-day vulnerability (CVE-2022-3075) was found in Google’s Chrome web browser. Learn More
Blog | Aug 31, 2022 Avertium announces new Detection-as-Code Content Packs in Fusion MXDR by leveraging SnapAttack By bringing offensive tradecraft into the defensive process, Avertium is taking one of many steps forward on the journey towards enabling proactive cybersecurity for each and every one of the clients we serve. Learn More
Threat Report | Aug 30, 2022 North Korea is the Threat Lately, North Korean threat actors have been extremely visible. While attacks from North Korea are not unusual, there has been an uptick in activity. Learn More
Blog | Aug 30, 2022 To CMMC & Beyond: What You can do Today to Prepare for CMMC Tomorrow The Cybersecurity Maturity Model Certification (CMMC) is coming–whether you’re ready or not. Today it’s primarily meant for the Department Learn More
Blog | Aug 24, 2022 Flash Notice: Palo Alto Network Firewall Bug Actively Exploited A high-severity vulnerability, CVE-2022-0028, was found in Palo Alto Networks’ PAN-OS. Learn More
Threat Report | Aug 23, 2022 When Cybercriminal Gangs Go Dark - Avaddon, AstraLocker & Conti Recently, threat actors like AstraLocker, Conti, and Avaddon have gone dark. Are these groups really saying goodbye or are they just rebranding? Learn More
Blog | Aug 22, 2022 Flash Notice: UPDATE - Apple Releases Security for Zero-Day Vulnerabilities Exploited by Attackers Apple released security updates for vulnerabilities (CVE-2022-32894 and CVE-2022-32893) found in iOS, iPadOS, MacOS Big Sur, and macOS Monterey. Learn More
Blog | Aug 18, 2022 Flash Notice: Zeppelin Ransomware Targets Healthcare Zeppelin ransomware is targeting the healthcare sector with a new campaign that involves multi-encryption tactics. Learn More
Blog | Aug 18, 2022 Flash Notice: [CVE-2022-2856] New Google Chrome Zero-Day Exploited by Attackers Google released a patch for their 5th zero-day vulnerability in 2022. CVE-2022-2856 is a high-severity bad input validation vulnerability impacting Chrome. Learn More
News | Aug 16, 2022 Avertium Ranks No. 781 on the 2022 Inc. 5000 Annual List of America's Fastest-Growing Private Companies Today, Inc. revealed that Avertium is #781 on its annual Inc. 5000 list, the most prestigious ranking of the fastest-growing private companies in America. Learn More
Threat Report | Aug 16, 2022 An In-Depth Look at Quantum Ransomware Quantum ransomware is a newer, lesser-known ransomware that operates with the RaaS model & has been successful with compromising healthcare organizations. Learn More
Threat Report | Aug 9, 2022 An In-Depth Look at the APT, Evilnum Active since 2018, the APT Evilnum is a group that initially targeted the financial sector but has now switched gears & is targeting immigration orgs. Learn More
Blog | Aug 9, 2022 Ransomware Lifecycle Attack Ransomware attacks have become increasingly more common. Learn about the lifecycle of a ransomware attack and how you can prevent one. Learn More
News | Aug 8, 2022 Avertium Recognized on the CRN Fast Growth 150 List for 2022 Avertium has been named to the CRN Fast Growth 150 list, ranking among the fastest growing North American IT solution providers and technology integrators. Learn More
Webinar | Aug 5, 2022 The Art + Science of Pre-Crime Threat Hunting Threat hunting is an essential strategy. Learn about threat hunting vs. threat detection, emerging threat hunting methodologies, and much more. Watch Now
Blog | Aug 5, 2022 Flash Notice: Large Scale Phishing Attack Targeting Microsoft Email Servers A large-scale phishing campaign disclosed this week is primarily targeting corporate enterprise users of Microsoft email servers. Learn More
Threat Report | Aug 2, 2022 How Healthcare Organizations Can Stay Safe from API Vulnerabilities Application programming interfaces (APIs) are increasingly being used by healthcare firms, & threat actors are realizing how valuable they can be to target. Learn More
Blog | Jul 29, 2022 Flash Notice: Atlassian Confluence Critical Hardcoded Password Vulnerability Under Active Exploitation A hardcoded credentials vulnerability was found by Atlassian last week in the Questions for Confluence app and is under active exploitation. Learn More
Threat Report | Jul 27, 2022 Healthcare Ransomware Threats - MedusaLocker & Maui FBI, CISA, + more recently issued joint warnings for Maui and MedusaLocker ransomware. Both are currently responsible for many cyber attacks in healthcare. Learn More
Threat Report | Jul 19, 2022 Everything You Need to Know About the APT, Fancy Bear Since 2008, Russian APT Fancy Bear has used fear & social engineering to trick victims into opening malicious email attachments or clicking malicious links. Learn More
Blog | Jul 14, 2022 Flash Notice: [CVE-2022-22047] Microsoft Zero-Day Actively Exploited, Impacting Server & Client Windows Platforms A zero-day, local privilege escalation vulnerability was found in the latest Windows 11 & Windows Server 2022 releases. It's being tracked as CVE-2022-22047. Learn More
Blog | Jul 13, 2022 Flash Notice: New Ransomware Family, HavanaCrypt, Disguises Itself as Fake Google Update Researchers at Trend Micro discovered a new ransomware family that’s being delivered as a fake Google software update - HavanaCrypt. Learn More
Threat Report | Jul 12, 2022 An In-Depth Look at Ransomware Gang, LockBit 3.0 As of 3/2022, the ransomware gang, LockBit, has re-branded itself as LockBit 3.0. LockBit 3.0, also known as LockBit Black, is active and in the wild. Learn More
News | Jul 11, 2022 Facing Ransomware, Healthcare Systems Can't Use 'Hope as a Strategy' Chief Healthcare Executive -- Cyberattacks have become an increasingly dangerous threat to hospitals. Healthcare systems must take action. Learn More
Threat Report | Jul 6, 2022 An In-Depth Look at Chinese APT ToddyCat ToddyCat is a new APT that has been active since December 2020 and has attacked several high-profile organizations within the government and military sectors. Learn More
Blog | Jul 6, 2022 Google Chrome Zero-Day Vulnerability Exploit [CVE-2022-2294] Over the 4th of July weekend, Google released a patch for a high-severity zero-day Chrome vulnerability. Learn everything you need to know in our blog. Learn More
Threat Report | Jun 28, 2022 How the Tables Have Turned - Russia vs. Ukraine Part Three Over the past 5 months, things have changed. It appears that Russia and Ukraine are now on equal footing regarding the Russia vs. Ukraine cyber war. Learn More
Blog | Jun 27, 2022 Flash Notice: [CVE-2022-29499] Critical Zero-Day Vulnerability Found in Mitel VoIP Appliance A ransomware attack was deployed against an unnamed mark using Mitel’s VoIP appliance as an entry point. CVE-2022-29499 is actively being used in the wild Learn More
Threat Report | Jun 21, 2022 An In-Depth Look at Chinese APT, Aoqin Dragon Active since 2013, the APT Aoqin Dragon flew under the radar for ten years before researchers at Sentinel Labs identified their activity. Learn More
Threat Report | Jun 14, 2022 An In-Depth Look at the Data Extortion Group, Karakurt This month, CISA issued a warning about a data extortion group called Karakurt. Let's take a detailed look at the group and their tactics. Learn More
Threat Report | Jun 7, 2022 The Top 5 Cyber Threats Within the Education Sector This report looks at the top 5 cyber threats within higher education & what the education sector can do to prevent devastating cyber attacks from happening Learn More
News | Jun 6, 2022 Avertium Named Winner of Coveted Global InfoSec Awards During RSA Conference 2022 Avertium Wins “Most Comprehensive MDR” and “Hot Company MSSP” in 10th Annual Global InfoSec Awards. Learn more! Learn More
Blog | Jun 6, 2022 Flash Notice: Critical Confluence Zero-Day Vulnerability Exploited by Attackers A critical unpatched remote code execution vulnerability (CVE-2022-26134) was found in Atlassian’s Confluence Server and Data Center products. Learn More
Threat Report | Jun 1, 2022 An In-Depth Look at Black Basta Ransomware 04/2022 - a new ransomware group named Black Basta, known for stealing corporate data & documents, began targeting several high-value organizations. Learn More
Blog | Jun 1, 2022 Flash Notice: "Follina" a Microsoft Office Zero-Day RCE Vulnerability Over the holiday weekend, a Windows/Office zero-day vulnerability, given the name Follina, was discovered and found to be exploited in the wild. Learn More
Threat Report | May 24, 2022 An In-Depth Look at AvosLocker Ransomware AvosLocker ransomware has recently caught the attention of both the FBI and cybersecurity researchers. This report takes an in-depth look at AvosLocker. Learn More
Blog | May 20, 2022 Flash Notice: VMWare Vulnerabilities Found in Multiple Products 5/19/22 - VMware issued patches for security flaws CVE-2022-22972 & CVE-2022-22973 found in Workspace ONE Access, Identity Manager, + vRealize Automation. Learn More
Webinar | May 18, 2022 How Your Third Parties are Making You Uninsurable Learn how threat actors are exploiting third-party risks and how insurance carriers can quantify those risks to write more comprehensive cyber policies. Watch Now
Webinar | May 18, 2022 How Did We Get Here? The Past, Present, and Future of Supply Chain Risk Learn about the impact of historical supply chain attacks, what the future of supply chain risk looks like, and what you can be doing to prevent a breach. Watch Now
Blog | May 18, 2022 CVE-2022-1040: Critical Sophos Firewall RCE Vulnerability CVE-2022-1040 is an authentication bypass vulnerability located in the User Portal and Webadmin areas of Sophos Firewall. Learn more! Learn More
Threat Report | May 17, 2022 API Attacks & Best Practices To keep your company from becoming a victim of an API attack, you’ll need to implement a security strategy that was built specifically for API attacks. Learn More
Threat Report | May 10, 2022 The Top 5 Cyber Threats Within the Manufacturing Industry We look at the top 5 cyber threats within manufacturing and how you can help prevent your organization from becoming another victim. Learn More
Blog | May 9, 2022 Flash Notice: [CVE-2022-1388] Critical Remote Code Execution Vulnerability Found in F5's BIG-IP Systems A critical vulnerability (CVE-2022-1388) was found in F5’s BIG-IP systems last week and is now being exploited in the wild. Learn More
News | May 2, 2022 How is the U.S. government preparing for critical infrastructure attacks? Help Net Security –- Paul Caiazzo, Advisor at Avertium, talks about critical infrastructure attacks, their potential impact, and what the U.S. government is doing to prepare for them. Learn More
Blog | Apr 28, 2022 Flash Notice: Critical RCE Vulnerability Found in VMware Workspace ONE Access & Identity Manager Threat actors are currently exploiting an RCE vulnerability due to a server-side template injection in VMware Workspace ONE Access and Identity Manager. Learn More
Blog | Apr 14, 2022 What's Quantum Computing Got to do With It? Today, we still hear about quantum computing + how it will break the current encryption methods on which we depend to secure and store data. To understand this threat, we need to understand how our current methods work. Learn More
Blog | Apr 1, 2022 VMware's Spring Boot Vulnerability & Exploit [CVE-2022-22965] A zero-day remote code execution (RCE) vulnerability (CVE-2022-22965) was found in VMware’s Spring Framework. Learn how to protect yourself. Learn More
Blog | Mar 31, 2022 How to Detect Ransomware: Best Practices for Avoiding Malware Attacks The best defense against ransomware is understanding how ransomware works and how to effectively use mechanisms that detect it early. Learn More
Blog | Mar 29, 2022 Flash Notice: [CVE-2022-1096] Zero-Day Google Chrome Type Confusion Vulnerability 3/23/22 - Google was alerted about a dangerous zero-day vulnerability found in all Chromium based browsers. It's being tracked as CVE-2022-1096. Learn More
Ebook | Mar 23, 2022 2022 Ransomware Trends Dive into 6 trending ransomware threats and steps you can take to strengthen your network by signing up to download our free eBook. Learn More
Blog | Mar 23, 2022 Flash Notice: Authentication Company, Okta, Breached by Lapsus$ Okta Inc., an authentication company used globally, is at the center of a potential data breach caused by the data extortion group, Lapsus$. Learn More
Whitepaper | Mar 23, 2022 How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital. Read More
Blog | Mar 18, 2022 What Is Penetration Testing (Not All Pen Tests Are Created Equal) The goal of a penetration test is to answer the question: Are we secured? Can we withstand social engineering or other attacks? Learn more! Learn More
Blog | Mar 17, 2022 CaddyWiper Malware Vs RURansom Wiper (The Cyber War Continues) CaddyWiper, a data wiping malware, is targeting Ukrainian networks; while RURansom, which is also a wiper despite its name, is targeting Russian networks. Learn More
Blog | Mar 16, 2022 Flash Notice: Russian State-Sponsored Threat Actors Bypass Two-Factor Authentication Implementation, Gain Access to Cloud Storage Services The FBI & CISA issued a statement this week warning companies that Russian state-sponsored threat actors gained access to an unnamed organization’s network Learn More
Ebook | Mar 4, 2022 2022 Cybersecurity Predictions Find out Avertium's predictions for the cybersecurity industry in 2022, and get the tools and resources you need to be prepared. Learn More
Blog | Mar 1, 2022 Flash Notice: HermeticWizard, HermeticRansom, and IsaacWiper Target Ukraine This week, ESET researchers discovered three new cyber attacks against Ukraine: HermeticWizard, HermeticRansom, and IsaacWiper. Learn More
News | Feb 25, 2022 How to Prevent a Cyber Attack WATE News –- A round of cyber attacks happened hours before Russia invaded Ukraine. Jeff Schmidt, CEO of Avertium, shares how you can bulk up your cybersecurity. Learn More
News | Feb 25, 2022 Federal Agencies Warn of Cyber Threats After Russia Sanctions WBIR-TV Knoxville –- Avertium's insight on President Biden's 'shields up' message. Learn More
News | Feb 24, 2022 Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions DarkReading –- If past is precedent, the cyber impact of the war in Ukraine could be broad and bruising, experts say. Learn More
Blog | Feb 24, 2022 Cyber Threat Hunting & Workflow (Prevent Cyber Attacks) Cyber threat hunting is a proactive security strategy that searches through networks to detect & isolate advanced threats before they present themselves. Learn More
Blog | Feb 24, 2022 Flash Notice: [New Malware] - CISA Warns of Renewed Russian Threat as New Activity is Seen in Ukraine Tension between Russia and Ukraine is at an all-time high. While there are currently no credible threats to the U.S., there is still imminent possibility. Learn More
Blog | Feb 22, 2022 Flash Notice: [CVE-2021-24086] Critical RCE Bug in Adobe Commerce, Magento On February 18, 2022, Adobe released a patch for CVE-2021-24086 that fixes an RCE bug in the Magento Open Source and Adobe Commerce platforms. Learn More
Blog | Feb 15, 2022 Flash Notice: Moxa MXview Network Management Software has Critical Security Flaws On February 14, 2022, researchers from Claroty’s Team82 disclosed several security flaws in the Moxa MXview web-based network management system. Learn More
News | Feb 14, 2022 Avertium Recognized on CRN's Top 100 Managed Security Provider for Sixth Consecutive Year Avertium has been named to the Security 100 list for the sixth consecutive year, ranking among cybersecurity premium Managed Security leaders. Learn More
Blog | Feb 9, 2022 Flash Notice: LockBit 2.0 - FBI Releases New IoCs for Ransomware Attacks On Friday, February 4, 2022, the FBI released technical details and new indicators of compromise associated with LockBit 2.0. Learn More
Ebook | Jan 27, 2022 Looking Back & Moving Forward: An Overview of 2021 Cybersecurity Events & Predictions for 2022 Recall major attacks, trends, and innovations in the cybersecurity industry over 2021, and find out Avertium's predictions for the industry in 2022. Learn More
Blog | Jan 26, 2022 Flash Notice: “PwnKit”: Linux PolicyKit Security Vulnerability Discovered in Polkit’s Pkexec, Hiding in Plain Sight for 12 years A memory corruption vulnerability was discovered in Polkit’s pkexec. CVE-2021-4034, aka PwnKit, could allow unprivileged users to gain root privileges by exploiting it in its default configuration. Learn More
Blog | Jan 26, 2022 Flash Notice: Threat Actors Target SonicWall RCE Vulnerability (CVE-2021-20038) New exploits of a critical vulnerability (CVE-2021-20038) affecting SonicWall's Secure Mobile Access (SMA) gateway were discovered yesterday. Learn More
News | Jan 20, 2022 Optiv, Reliaquest Among LogRhythm Partners Honored With Americas Partner Awards Channel Futures -- LogRhythm partners are honored this week with the company's 2021 Americas Partner Awards. Learn More
News | Jan 20, 2022 Avertium Named LogRhythm Managed Services Partner of the Year The 2021 LogRhythm Managed Services Partner of the Year award for Avertium follows being named LogRhythm’s “Rising Star” partner in 2020. Learn more! Learn More
News | Jan 19, 2022 LogRhythm Announces 2021 Americas Partner Award Winners at Annual Revenue Kickoff Meeting Yahoo -- Awards Recognize Partners for Providing Exceptional Value and Solving Customers' Business Challenges Through LogRhythm's NextGen SIEM Platform Learn More
Blog | Jan 19, 2022 Cybersecurity Best Practices & Principles [Updated 2022] In order to use more sophisticated cyber security tools & techniques, organizations need to have a decent understanding of cybersecurity best practices. Learn More
Blog | Jan 18, 2022 Flash Notice: Microsoft Warns - Ukrainian Organizations Targeted by Destructive Malware Disguised as Ransomware Microsoft published a report detailing their discovery of malware disguised as ransomware being used to corrupt systems of several Ukrainian organizations. Learn More
Blog | Jan 3, 2022 Flash Notice: Y2K22? Microsoft Exchange Server Breaks as we Welcome the New Year As the clock struck midnight on 1/1/2022, Microsoft had an unexpected hiccup with its Exchange servers, which meant the servers couldn't process mail. Learn More
News | Dec 30, 2021 Avertium's Paul Caiazzo Featured at the 2021 Channel Partners Conference & Expo This year's Channel Partners Conference featured a variety of experts in the fields of technology and cybersecurity including Avertium's own Paul Caiazzo. Learn More
Blog | Dec 13, 2021 Flash Notice: (UPDATED) Zero-Day Vulnerability - Log4Shell is a Critical Threat to Applications Security teams are in a hurry to patch an unknown active vulnerability that was found in Apache’s Log4j and is now named Log4Shell (CVE-2021-44228). Learn More
Blog | Dec 10, 2021 UPDATE: APT Group Continues to Exploit Multiple Zoho ManageEngine Vulnerabilities Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group Learn More
Blog | Dec 7, 2021 Flash Notice: APT Group Continues to Exploit Zoho ManageEngine ServiceDesk Plus Vulnerability Due to an unsuccessful patch in Zoho ManageEngine ServiceDesk Plus in September 2021, several undisclosed organizations have been compromised by APT Group Learn More
Blog | Dec 2, 2021 Flash Notice - Wormable Security Vulnerability Found in Several HP Printer Models Cyber security researchers have discovered two vulnerabilities, now named Printing Shellz, that affect 150 different HP multifunction printers. Learn More
Blog | Dec 1, 2021 Everything you need to know about HITRUST - r2, bC, & i1 Assessments This blog provides a HITRUST assessment overview and answers your HITRUST certification questions including 'What is HITRUST?' and how to become certified. Learn More
Blog | Nov 30, 2021 RaaS gangs, Drive-By Downloads, and Botnets - Are You a Target? Don't fall behind on RaaS gang trends - find out more about drive-by downloads, botnets, and what they could mean for your IT environment. Learn More
Blog | Nov 29, 2021 Flash Notice - Windows Zero-Day 'InstallerFileTakeOver' Vulnerability Allows Unauthorized Users to Become an Admin During Patch Tuesday, Microsoft fixed a zero-day Windows vulnerability. However, the patch was bypassed and led to a new privilege elevation vulnerability named ‘InstallerFileTakeOver’. Learn More
Blog | Nov 19, 2021 Flash Notice - APT Group Exploits FatPipe Zero-Day Vulnerability for 6 Months The FBI issued a notice yesterday warning that APT has been exploiting a zero-day vulnerability in FatPipe’s router clustering and load balancer products. Learn More
Blog | Nov 19, 2021 Flash Notice - Emotet Botnet is Back with New Spam Campaigns Last seen in January 2021, after law enforcement took them down, Emotet is back & is using TrickBot to install Emotet malware on infected Windows systems. Learn More
Blog | Nov 17, 2021 Flash Notice - BotenaGo Botnet Could Affect Millions of Routers & IoT Devices A new botnet named BotenaGo has been seen in the wild targeting a number of IoT devices & routers. BotenaGo can exploit up to 30 different vulnerabilities. Learn More
Ebook | Nov 15, 2021 Creating a Business-First Incident Response Plan Breaches are no longer a simple ransom to be paid. The ripple effect that follows an attack can leave a long-lasting impact if your company is not prepared. Learn More
Blog | Nov 9, 2021 Flash Notice - Philips TASY EMR Vulnerabilities Could Cause Patient Data Breach On November 5, 2021, Philips advised their customers of two security vulnerabilities that may cause a patient data breach in their TASY EMR HTML5 system. Learn More
Blog | Nov 4, 2021 Avertium Joins the Microsoft Intelligent Security Association Avertium, a cybersecurity services partner, joins the Microsoft Intelligent Security Association (MISA). Learn More
Blog | Oct 26, 2021 CIOReview Awards Avertium – Security You Can Trust CIOReview awards Avertium as 2021's "Most Promising Enterprise Security Solution Providers". Learn More
Blog | Oct 22, 2021 Cyber Insurance - Is Advanced Protection Worth it? Learn more about cyber insurance by understanding what it provides, how to pick a plan, and how it could save your organization in case of a breach. Learn More
Blog | Oct 8, 2021 American Hospital Association + Avertium Emphasize the Growing Need for Cybersecurity in Healthcare Avertium worked with LogRhythm and the American Hospital Association to create an eBook meant for healthcare and its ever-growing need for cybersecurity. Learn More
Blog | Oct 7, 2021 Third-Party Supply Chain Risk - Valuable Partners or Potential Threats? Your organization's supply chain could serve as an entry point for threat actors. Learn how to manage potential threats that may arise from your vendors. Learn More
Blog | Oct 6, 2021 Flash Notice - Apache Fixes Zero-Day Vulnerability on Airflow Servers Researchers from Intezer published details about two Apache Airflow Server vulnerabilities that are being tracked as CVE-2021-41773. Learn More
Whitepaper | Oct 5, 2021 How to Raise Your Healthcare Organization’s Game to Combat Cybercriminals The American Hospital Association teamed up with Avertium in order to cultivate expert-based knowledge that could help you prevent an attack on your hospital. Read More
News | Sep 30, 2021 Avertium’s Paul Caiazzo Named “CISO of the Year” in 2021 CyberSecurity Breakthrough Awards Program Chief Information Security Officer, Paul Caiazzo, has been named “CISO of the Year” in the fifth annual CyberSecurity Breakthrough Awards program. Learn More
News | Sep 29, 2021 Avertium and Black Kite Announce Strategic Partnership in New Approach to Attack Surface Monitoring Avertium announces a joint partnership through Black Kite’s Aviator Partner Program to provide a comprehensive approach to attack surface monitoring and supply chain cyber security risk. Learn More
Blog | Sep 27, 2021 Avertium Named to MSSP Alert’s Top 250 MSSPs List for 2021 The list identifies the top MSSPs, managed detection and response (MDR) and Security Operations Center as a Service (SOCaaS) providers worldwide. Learn More
Blog | Sep 24, 2021 Flash Notice - Critical VMware vCenter Server Flaw VMware released a statement detailing how Internet-exposed vCenter servers are actively being targeted by attackers. Learn More
Blog | Sep 23, 2021 Flash Notice - Microsoft Azure OMIGOD Vulnerability The researchers at Cloud security company, Wiz, disclosed a new vulnerability, OMIGOD, that affects Microsoft Azure. Learn More
Ebook | Sep 21, 2021 Why the Time is Now for CISOs to Advocate for Cybersecurity In this current moment of data breaches...CISOs have an opportunity to position cybersecurity investment as the path to innovation - not a blocker. Learn More
Blog | Sep 20, 2021 T-Mobile Data Breach Review: 40 Million Customers Compromised On August 17th, 2021, a ransomware attack caused a T-Mobile data breach, compromising over 40 million people’s PII. Here's what you need to know. Learn More
Webinar | Sep 15, 2021 Appgate: Practical Steps to Deploying Zero Trust Network Access Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Part 2 of a 3-part series. Watch Now
Webinar | Sep 15, 2021 Scaling Remediation in the Face of Competing Priorities Learn how you can leverage NIST CSF to scale a vulnerability management program and accelerate your remediation efforts. Watch Now
Webinar | Sep 15, 2021 Remote Workforce + Data Breach: A Perfect Storm With companies having to quickly pivot to a remote workforce, it's important to adapt your incident response (IR) plan, data privacy procedures, and more. Watch Now
Webinar | Sep 15, 2021 Appgate: When “Trust but Verify” isn’t enough. Learn about Zero Trust Network access fundamentals, the benefits of ZTNA, and the challenges you might encounter as you make the shift to a ZTN model. Watch Now
Webinar | Sep 15, 2021 New Techniques to Strengthening Threat Detection and Response Learn about the role of a SIEM in a ZTNA approach to cybersecurity. Watch Now
Webinar | Sep 15, 2021 Key Shifts in Identity Management and Governance Webinar discussing key shifts in identity management and governance - providing adjustments and tools to prepare for getting back to onsite work patterns. Watch Now
Webinar | Sep 15, 2021 Zero Trust: Fast-Tracking Security in the New Work Anywhere Norm Recent world events (COVID-19) have fundamentally changed the way organizations enable employees and provide them access to critical applications and data. Watch Now
Webinar | Sep 15, 2021 Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response Highlighting security challenges (and more) for companies that operate in multi-cloud environments, having a highly interconnected supply chain that must now accommodate a hybrid workforce model. Watch Now
Webinar | Sep 15, 2021 Securing Remote Workers; Fact & Fiction Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model. Watch Now
Webinar | Sep 15, 2021 How to Implement a Risk-Based Strategy for "Killer" Threat Hunting Programs Learn the elements of a threat hunting program, how to utilize NIST CSF and the Enterprise ATT&CK framework, and review recent ransomware case studies. Watch Now
Whitepaper | Sep 15, 2021 Strengthening Cybersecurity with Consensus: How to Build Positive Board Relationships For CISOs looking to strengthen their cybersecurity posture, board buy-in is a helpful ally. This free guide details tangible action steps that CISOs can take. Read More
Guide | Sep 15, 2021 8 Steps to Take if You've Been Breached When it comes to a security breach, fast detection, mitigation and response are vital for reducing impact. This guide gives a formal, methodical approach. Learn More
Infographic | Sep 15, 2021 5 Ways to Prevent Ransomware [Infographic] Avertium offers five ways for your security team to prevent ransomware. Learn More
Guide | Sep 15, 2021 6 Steps to Implementing a Zero Trust Network This guide offers the 6 steps to implementing a zero trust network (ZTN) cybersecurity strategy to protect against cyber threat and improve your program. Learn More
Whitepaper | Sep 15, 2021 Security Operations Maturity Model (SOMM) Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth. Read More
Ebook | Sep 15, 2021 7 Metrics to Measure the Effectiveness of Your Security Operations Avertium and LogRhythm explain metrics to measure the effectiveness of your security operations (SecOps) to detect and respond to cybersecurity events. Learn More
Whitepaper | Sep 15, 2021 Budgeting for a Modern SIEM Avertium and LogRhythm explain SIEM pricing models and educate SIEM buyers on how to mitigate security and financial risks associated with business growth. Read More
Whitepaper | Sep 15, 2021 HIPAA Privacy During a COVID-19 Outbreak Re-Occurrence Learn how to stay HIPAA compliant with the Privacy Rule and OCR Notifications of Enforcement Discretion during a COVID-19 pandemic outbreak re-occurrence. Read More
Webinar | Sep 15, 2021 HIPAA Compliance in a Pandemic Join the CEO of Avertium, Jeff Schmidt, for a discussion on the implications the pandemic has and will continue to have on HIPAA compliance. Watch Now
Ebook | Sep 15, 2021 9 Steps to Manage Third-Party Information Security Risk 9 essential steps to managing third-party vendor risk that every information security professional can adopt for their organization. Learn More
Whitepaper | Sep 15, 2021 The Risky Business of SaaS + Hybrid Cloud and What to do about it Securing Your SaaS and Hybrid Cloud Solutions white paper examines opportunities, risks and best practices to integrate cloud into your security posture. Read More
Whitepaper | Sep 15, 2021 4 Trending Phishing Techniques and Tips for Detection Avertium teams up with LogRhythm to explain trending phishing techniques and gives tips for detecting phishing attacks using SIEM technology. Read More
Whitepaper | Sep 15, 2021 Guide to Selecting an MSSP or In-house Solution A complete guide to help you decide on whether to manage your SOC in-house or use an MSSP. Read More
Whitepaper | Sep 15, 2021 Threat-Based Security at the Intersection of MITRE ATT&CK and NIST CSF Examine how to use the NIST CSF in conjunction with MITRE ATT&CK to help define and enact threat-based cybersecurity and break the intrusion kill chain. Read More
Whitepaper | Sep 15, 2021 Building an XDR Solution: Factors You Ought to Consider for ZTNA, EDR, Vulnerability Scanning and SIEM White paper on building an XDR solution with ZTNA, EDR, vulnerability scanning and SIEM technologies and the factors you should consider for each. Read More
Whitepaper | Sep 15, 2021 XDR is Not Only About Technology and Why this Matters Learn why XDR is more than technology in order to achieve a proactive and more mature security posture. Read More
Webinar | Sep 15, 2021 Navigating Cybersecurity & Managing Data Breach Risks Webinar providing tips on how to secure your company network, endpoints and remote workers in a remote working model. Watch Now
Webinar | Sep 15, 2021 Mitigating Remote Work-Related Threats Recent world events (COVID-19) have fundamentally changed the way organizations mitigate remote work-related threats. Watch Now
Webinar | Sep 15, 2021 5 Essential Steps to Creating a Relevant Incident Response Plan Incident response templates are readily available online but how well do they work for your company's specific policies, procedures, and workflows? Watch Now
Checklist | Sep 15, 2021 The Ultimate Incident Response Plan Checklist A cybersecurity incident response plan for a data breach takes thoughtful planning. Learn what's needed with this incident response (IR) planning checklist. Learn More
Ebook | Sep 14, 2021 Leveraging Zero Trust Architecture to Contain & Combat Ransomware Gain visibility on who's on your network by signing up to download our free eBook discussing how you can contain ransomware utilizing Zero Trust. Learn More
Blog | Sep 9, 2021 Lockbit 2.0 Ransomware: An In-Depth Look At Lockfile & LockBit Emerging in July 2021, LockFile has compromised over 300 servers in an ongoing ransomware campaign. Learn more! Learn More
Blog | Sep 9, 2021 Flash Notice – Microsoft Issues Warning for Remote Code Execution Vulnerability A statement has been released by Microsoft warning users of a remote code execution vulnerability in Office 365 and Office 2019 on Windows 10. Learn More
Blog | Aug 24, 2021 Threat Actor Profile – “BlackMatter” Ransomware BlackMatter began making its presence known as a ransomware-as-a-service (RaaS) gang in 2021. Read more for indicators of compromise and our recommendations. Learn More
Blog | Aug 18, 2021 Email Phishing Campaigns (Beware Of These Scams) We discuss the similarities between Photo Copyright email phishing campaigns and SharePoint phishing campaigns. Learn more! Learn More
Blog | Aug 13, 2021 Flash Notice – The PrintNightmare Continues These disappointing developments coincide with reports of ransomware groups exploiting the PrintNightmare family of vulnerabilities in the wild. Learn More
Blog | Aug 10, 2021 XDR: Tech Stack, Service, Process, or All Three? What is eXtended Detection Response (XDR)? Is it a process, a tech stack, or a service? How does it differ from MDR and EDR? Learn More
Blog | Aug 3, 2021 Microsoft Exchange Server Breach is Formally Attributed to China by the U.S The extensive breach of Microsoft Exchange Server early this year has been formally attributed to China by the United States & several allies. Learn More
Blog | Aug 3, 2021 President Biden’s Executive Order on Cybersecurity: What it does & What it doesn’t do The growing need for cybersecurity has brought about a new executive order. Read more to learn about what this means and where it falls short. Learn More
Blog | Jul 28, 2021 A Zero Trust Network Architecture (ZTNA) POV with Appgate As Zero Trust becomes more relevant, Appgate x Avertium leads the way in accelerating the customer's Zero Trust journey. Learn More
Blog | Jul 22, 2021 July 4th Post Mortem on PrintNightmare and REvil The latest noteworthy exploit leveraged a vulnerability in Microsoft’s Print Spooler Service to target IT Solutions company, Kaseya. Learn More
Blog | Jul 16, 2021 Flash Notice: SonicWall Warns of Imminent Ransomware Attack Against EOL Products SonicWall has released an urgent security bulletin to their customers using unpatched, end-of-life Secure Mobile Access 100 series and Secure Remote Access products. Learn More
Blog | Jul 7, 2021 Summary of the International Institute for Strategic Studies’ Nation-State Cyber Power Assessment A recent study, conducted by the International Institute for Strategic Studies, assessed the cyber power of 15 different nation-states. Learn More
Blog | Jul 1, 2021 CobaltStrike Overview This report is about the use of the well-known tool CobaltStrike in adversarial campaigns. CobaltStrike dates all the way back to 2016. Learn More
Blog | Jun 28, 2021 Attack Surface Management vs. Vulnerability Management Today's attack surface management extends beyond your physical IT assets, now encompassing your entire digital footprint, while vulnerability management focuses on software and code-based variabilities. Learn More
Blog | Jun 25, 2021 Flash Notice: Avertium Detects Increase in “Stolen Images” Phishing Campaign Avertium security teams have detected an uptick in “Stolen Images” phishing emails. This campaign accuses the email recipient of using... Learn More
Blog | Jun 23, 2021 APT38 Threat Actor Profile We dive into the threat actor profile on APT38. APT38 is a nation-state-level threat group associated with the North Korean regime. Read more on its tactics. Learn More
Blog | Jun 15, 2021 REvil Ransomware Overview This is a Threat Actor Profile on REvil, a RaaS syndicate. Most recently, the REvil ransomware group was connected to the attack on the JBS Meat Company. Learn More
Blog | May 26, 2021 Flash Notice: VMware discloses critical vCenter server vulnerabilities On May 25, 2021, VMware released a new critical security advisory, VMSA-2021-0010 (CVE-2021-21985 & CVE-2021-21986), affecting vCenter Server 6.5, 6.7, and 7.0. Learn More
Blog | May 26, 2021 Examining the relationship between Vulnerability Announcements & the increase in attacks until mitigated This report discusses the relationship between the time a new vulnerability is announced & the increase in attacks against it until patched. Learn More
Blog | May 21, 2021 You're Secure - But are Your Vendors? Assessing Third Party Risk With 3rd Party Risk in Cybersecurity, security teams can focus on more than just what to do AFTER an attack happens - remediation and containment. Learn More
Blog | May 18, 2021 Malware Campaign utilizes Microsoft Executable MSBuild This report is about a malware campaign using a well-known Microsoft executable called MSBuild to propagate in a file-less manner. Learn More
Blog | May 18, 2021 Avertium Named Winner in the Coveted Global InfoSec Awards 2021 Avertium Wins “Next-Gen in Managed Security Service Provider (MSSP)” In 9th Annual Global InfoSec Awards at #RSAC 2021 Learn More
Blog | May 14, 2021 FiveHands Ransomware Overview This report is an overview of the FiveHands Ransomware variant that successfully attacked an organization (CISA release date May 6, 2021). Learn More
Blog | May 11, 2021 Avertium, Med Tech Solutions, and LIFARS announces Security Alliance delivering comprehensive, Always-On Cloud Security for Healthcare Organizations Three-way partnership creates the first solution combining managed cloud services, managed SOC, & incident response for the healthcare industry. Learn More
Blog | May 6, 2021 Overview of the BadAlloc Vulnerabilities This report is an overview of a series of vulnerabilities discovered by Microsoft’s Section 52 research team, labeled “BadAlloc”. Learn More
Blog | May 5, 2021 Dell BIOS Driver Privilege Escalation Flaws Hundreds of millions of Dell Computers (desktops, laptops, notebooks, and tablets), could be vulnerable to a BIOS Driver Privilege Escalation Flaw. Learn More
Blog | Apr 27, 2021 Exploitation Campaign by two threat actor groups affects Pulse Secure The Pulse Secure vulnerability CVE-2021-22893 affects the following software releases: PCS 9.0R3/9.1R1 and higher. Learn More
Blog | Apr 21, 2021 The Rise of RaaS Gangs + What You Need to Know As we move into 2021, ransomware attacks continue to rise and are increasingly executed through Ransomware as a Service (RaaS) gangs. Learn more. Learn More
Blog | Apr 13, 2021 Phishing Campaign targets the Medical Research community This report is about a well-known threat targeting the medical research community in both the United States and Israel. Learn More
Blog | Apr 8, 2021 Does CMMC Immunize You to Ransomware? Does CMMC immunize you to ransomware? Let's find out and discuss not only the requirement but also some of the perceived benefits of implementing such a framework. Learn More
Blog | Apr 7, 2021 Two Vulnerabilities affect FireEye EX 3500 This report is about two vulnerabilities affecting FireEye EX 3500. The vulnerabilities are identified as CVE-2021-28970 and CVE-2021-28969. Learn More
Blog | Mar 22, 2021 Zoom Screen-Sharing Vulnerability displays Unauthorized Information A vulnerability discovered in Zoom may allow users in the meeting to see information on a screen-share that they weren't authorized to view. Learn More
Blog | Mar 11, 2021 Operation Exchange Marauder: Mass exploitation of Microsoft Exchange On March 2, 2021, Microsoft released a series of emergency security patches for Exchange Server 2019, 2016, 2013, and 2010 in order to combat several vulnerabilities. Learn More
Blog | Mar 9, 2021 Growing Cybersecurity Company announces Chief Revenue Officer to Support Expansion Today, Avertium announced the appointment of Ben Masino as the company’s Chief Revenue Officer (CRO). Learn More
Blog | Mar 8, 2021 DarkSide Ransomware Overview DarkSide ransomware is a Ransomware-as-a-Service (RaaS), primarily targeting Windows systems with the ability to target Linux OS variants. Learn More
Blog | Feb 22, 2021 New Phishing Campaign uses Morse Code to avoid detection This report is about a new phishing campaign that uses a unique method of obfuscation to avoid detection by traditional security appliances. Learn More
Blog | Feb 15, 2021 Severe Windows Vulnerabilities impact Windows Client & Server OS Versions 7 and Above This report is about three high severity Windows TCP/IP vulnerabilities tracked as CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. Learn More
Blog | Feb 9, 2021 Zero Trust SIEM Strategy (Role of SIEM in Zero Trust Environment) Learn how your Security information and event management (SIEM) aids in mitigating risk as part of your larger Zero Trust Strategy. Learn More
Blog | Feb 3, 2021 Heap-Based Buffer Overflow Vulnerability Discovered in Sudo (TIR-20210131) This report is regarding a recently discovered heap-based buffer overflow vulnerability within the widely used Sudo utility. Learn More
Blog | Jan 24, 2021 Recent additions to TeamTNT Malware Campaign on Cloud Environments This report is about the recent additions to the TeamTNT malware campaign to infect cloud environments and it is updated to capture AWS IAM user details more effectively. Learn More
Blog | Jan 6, 2021 New Golang Worm targets MySQL, Jenkins, Oracle WebLogic and other public services Threat report on the new malware Golang Worm which is targeting services such as MySQL, Jenkins, and Oracle WebLogic. Learn More
Blog | Jan 6, 2021 Zyxel Firewall Backdoor Vulnerability CVE-2020-29583 This outlines the TTP for the Zyxel Firewall backdoor vulnerability CVE-2020-29583. It also provides mitigation recommendations. Learn More
Blog | Dec 28, 2020 What is Mobile App Testing? Cybersecurity specialists utilize an assortment of tests and techniques to screen for vulnerabilities in order to evaluate the security of a mobile app. Learn More
Blog | Nov 16, 2020 PyXie distributing ransomware tools targeting Healthcare, Education, Government and Technology companies This threat report is about bad actor PyXie Group's ransomware tools targeting various sectors including healthcare, education, government, and technology. Learn More
Blog | Nov 10, 2020 What you need to know about Telemedicine, HIPAA Compliance and the Pandemic What you need to know about evolving telemedicine policies and HIPAA compliance during this pandemic. Learn More
Blog | Nov 3, 2020 Multiple Oracle WebLogic Server Vulnerabilities Remotely Exploitable without Authentication This threat report is about the Oracle WebLogic Server vulnerabilities and the patches available. Learn More
Blog | Oct 30, 2020 3 Scary Stories of Data Breach Disasters 3 data breach stories that could happen to any company and that could've been preventable. Learn More
Blog | Oct 27, 2020 TeamTNT Attacks Cloud Environments TeamTNT attacks cloud environments with Weave Scope. This report describes the tactics, techniques, and procedures used and how to defend against them. Learn More
Blog | Oct 27, 2020 What Is Security Orchestration, Automation and Response (SOAR)? Security orchestration, automation, and response (SOAR) automates and accelerates security operations, analytics and reporting. Learn More
Blog | Oct 22, 2020 We have an MDR...do we still need a SIEM? Explains what MDR and SIEM are, and how they can work together to provide you with a superior cybersecurity solution. Learn More
Blog | Oct 20, 2020 Culture of Collaboration: Fanatical Testing and Instrumentation We can use this idea to develop organizational controls and processes to prevent, detect, respond to and recover from cyber-attacks. Learn More
Blog | Oct 20, 2020 Translating Paper into Trust Edward Vasko explains how collaboration can lead to security controls tailored to minimize their impact on job performance. Learn More
Blog | Oct 20, 2020 Why (and How) Company Leadership should create a culture of Security Collaboration The goal is to balance security risks against business objectives and develop sensible controls that reduce the biggest risks with minimal impact on job performance. Learn More
Blog | Oct 20, 2020 Understanding Personal Data Privacy Compliance Obligations to protect your customers, partners and employees Due to the many personal data privacy compliance requirements and non-compliance sanctions, organizations should understand regulations. Learn More
Blog | Oct 19, 2020 SonicWall Vulnerability may allow denial of service attack This is a threat report about a critical SonicWall vulnerability tracked as CVE-2020-5135 that can allow a Denial of Service attack. Learn More
Blog | Oct 15, 2020 What Is Extended Detection and Response (XDR) and why is it gaining momentum as a security solution? Learn what extended detection and response is and how XDR is evolving into the successor to end-point detection and response (EDR) solutions. Learn More
Blog | Oct 14, 2020 What Is MITRE ATT&CK and how is it being used? This article answers the question, What is MITRE ATT&CK? and explains ways to use ATT&CK daily to protect your environment against adversarial TTPs. Learn More
Blog | Oct 13, 2020 Backdoor targets Content Management Systems (CMS) This report describes the tactics, techniques, and procedures for backdoor malware with shell capability that targets content management systems. Learn More
Blog | Oct 11, 2020 Latest Phishing Campaign lures Defense and Aerospace Workers with Fake Job Offers This report outlines the latest phishing campaign targeting defense and aerospace workers and how to protect against it. Learn More
Blog | Oct 8, 2020 Threat Focus: What is Ransomware-as-a-Service? This post answers "What is ransomware-as-a-service?" and explains how the cybersecurity threat is evolving and ways to protect your business. Learn More
Blog | Oct 7, 2020 Avertium Named to the MSSP Alert Top 250 MSSPs List Avertium named to MSSP Alert's 2020 Top 250 MSSPs list. This is the second consecutive year that Avertium has been included. Learn More
Blog | Oct 6, 2020 What every Cybersecurity Pro should understand about Insider Threats Understand insider threats - both malicious and accidental - since they are prevalent, yet often an avoidable type of cybersecurity threat. Learn More
Blog | Oct 1, 2020 Ransomware Vs. Phishing Vs. Malware (What's The Difference) Malware, ransomware, and phishing attacks are nothing new to enterprise and small business cybersecurity teams. Learn the basics you need to know. Learn More
Blog | Sep 29, 2020 What Software Companies looking to develop for the Healthcare Industry need to know Many software companies looking to develop for the healthcare industry are unaware they must be HIPAA compliant. Learn more. Learn More
Blog | Sep 28, 2020 Cisco Aironet APs vulnerability risks DoS This threat report is about a vulnerability recently discovered in Cisco Aironet Access Points (APs) known as CVE-2020-3560. Learn More
Blog | Sep 24, 2020 Zero Trust Beyond VPN Replacement: Earning the Most Value for Your Investment Learn about zero-trust network access (ZTNA) beyond VPN replacement and how to realize the most value for your investment. Learn More
Blog | Sep 23, 2020 Understanding the Difference Between an MSSP and MDR The decision between MSSP vs. MDR should be based on specific factors. Learn how you can make the right choice for your organization. Read the blog. Learn More
Blog | Sep 17, 2020 How Multi-Cloud Environments Expand Your Attack Surface and How to Manage and Reduce the Risk Learn how multi-cloud environments expand your attack surface, and best practices to manage and reduce the risk. Learn More
Blog | Sep 16, 2020 Avertium enhances LogRhythm expertise with acquisition of 1440 Security Sunstone Partners-backed Avertium acquires national MSSP 1440 Security to enhance LogRhythm and advanced threat detection capabilities. Learn More
Blog | Sep 15, 2020 How to Leverage Your SIEM to Detect and Respond to Ransomware The key to detecting ransomware is laying the necessary groundwork first. Avertium explores how to leverage SIEM technology to respond to attacks. Learn More
Blog | Sep 14, 2020 Palo Alto Firewall vulnerabilities discovered and patched This threat report is about a series of Palo Alto firewall vulnerabilities in the software suite ranging in criticality. Learn More
Blog | Sep 9, 2020 Why Enterprises are Adding Chief Privacy Officer to C-Level Leadership Learn why the Chief Privacy Officer is needed for personal data privacy strategic decision making and why the CPO is here to stay. Learn More
Blog | Sep 8, 2020 Assessing whether you need Virtual CISO (vCISO) Services, and what to expect Learn if you need virtual CISO (vCISO) services for cybersecurity leadership to improve security and meet regulations and compliance. Learn More
Blog | Sep 3, 2020 The Cybersecurity Talent Shortage: Myth or Truth? Explore the myths and facts surrounding the cybersecurity talent shortage and what you can do about it with MSSP and consulting. Learn More
Blog | Sep 1, 2020 Vulnerability Management: Is In-Sourcing or Outsourcing right for you? Examine the different components of vulnerability management and when and where outsourcing makes sense to your program. Learn More
Blog | Aug 31, 2020 WooCommerce vulnerabilities in WordPress plugin discovered This threat report provides actionable intelligence about WooCommerce vulnerabilities discovered in Discount Rules in the WordPress plugin. Learn More
Blog | Aug 27, 2020 Attributes of a robust Vulnerability Management Program The attributes of a robust vulnerability management program that protects enterprises in a challenging security environment. Learn More
Blog | Aug 25, 2020 Importance Of Vulnerability Assessments (Do You Need One?) Since a vulnerability assessment is designed to identify the flaws in software that an attacker can exploit, any organization can benefit. Learn more! Learn More
Blog | Aug 24, 2020 MassLogger Malware This threat report provides an overview of the MassLogger malware, the tactics, techniques and procedures, and what you can do to protect your organization. Learn More
Blog | Aug 20, 2020 EDR vs. MDR: Which Threat Detection is Right for You? This post explores using EDR vs. MDR for threat detection to protect against cybersecurity threats to help determine which is right for your organization. Learn More
Blog | Aug 18, 2020 Is Artificial Intelligence (AI) in Cybersecurity the ultimate solution? Short Answer: No, and also Yes This post provides an examination of artificial intelligence in cybersecurity for a more profound understanding of precisely what AI can and cannot do. Learn More
Blog | Aug 17, 2020 Russian Drovorub malware affects Linux Systems This threat report covers the Drovorub malware, which affects Linux systems and is attributed to the Russian military unit known as the GRU. Learn More
Blog | Aug 13, 2020 Using Application Whitelisting Best Practices to Stop Malware We dive into the difference between whitelists vs. blacklists to explore using application whitelisting software in order to stop malware. Read the blog. Learn More
Blog | Aug 11, 2020 Make PCI Compliance Easier; Automate PCI DSS Requirement 11.2 Automating PCI DSS Requirement 11.2 using vulnerability scanning is the best way for a merchant or service provider to fulfill the mandate. Learn More
Blog | Aug 6, 2020 Least Privilege: Minimizing Permissions to Improve Cybersecurity Why least privilege through minimizing permissions and account separation is worth the resulting lowered exposure to cyberattacks. Learn More
Blog | Aug 5, 2020 Ensiko Web Shell Infects Windows, Linux and MacOS Systems This threat report provides actionable intelligence to protect against the Ensiko web shell that affects Windows, Linux, and MacOS systems. Learn More
Blog | Aug 4, 2020 How to apply SOC 2 Type 2 Trust Services criteria to your business This article explains the SOC 2 Type 2 Trust Service Criteria (TSC) for SOC audit reports and how to apply them to your business. Learn More
Blog | Jul 30, 2020 Demystifying Zero Trust: What is Zero Trust Security, and how can it bolster your environment? What is Zero Trust security? How can it bolster your information security environment? Learn if a zero trust security model is right for your organization. Learn More
Blog | Jul 28, 2020 SOC Audit Report Basics: The What, Why, Who and How Learn SOC audit report basics: What is a SOC audit report, what's the difference between a SOC 1, SOC 2 and SOC 3 report, Type 1 vs. Type 2, and more. Learn More
Blog | Jul 27, 2020 SIGRed "Wormable" DNS Server vulnerability is critical to address SIGRed, classified as a "wormable" DNS Server vulnerability, may allow a malicious actor to gain Domain Administrator rights, with devastating financial impact. Learn More
Blog | Jul 20, 2020 Zoom Client for Windows Vulnerability recently discovered Threat report about a newly discovered Zoom Client for Windows vulnerability that allows a remote attacker to execute arbitrary code on a victim’s computer. Learn More
Blog | Jul 17, 2020 Why Root Cause Analysis is Crucial to Incident Response (IR) Performing incident response root cause analysis can help your organization identify outlying factors that may have contributed to a data breach. Read more. Learn More
Blog | Jul 15, 2020 How to write a Business Continuity Plan to fit your enterprise How to write a business continuity plan to fit your business, including primary goals, what a BCP includes, and business continuity planning steps. Learn More
Blog | Jul 15, 2020 Avertium adds Sophos 2020 MSP Partner of the Year, Americas to List of Partner Awards Learn More
Blog | Jul 13, 2020 Citrix Vulnerabilities: NetScaler ADC, NetScaler Gateway and SD-WAN WANOP This threat report is about a series of Citrix vulnerabilities within Citrix ADC (NetScaler ADC), Gateway (NetScaler Gateway), and SD-WAN WANOP. Learn More
Blog | Jul 9, 2020 Why Patch Management is Important for Cyber Security This post explains strong patch management importance in cyber security, best practices, and how to implement a program that manages risk. Learn More
Blog | Jul 7, 2020 What's New in HITRUST CSF Version 9.4 CMMC and NIST Mapping Learn about the added HITRUST CMMC and NIST mapping aspects of this recently released HITRUST CSF version 9.4. Learn More
Blog | Jul 6, 2020 Palo Alto PAN-OS Vulnerability with CVSS score of 10 issued This threat report is about CVE-2020-2021, a newly discovered critical vulnerability in the Palo Alto PAN-OS that carries a CVSS score of 10. Learn More
Blog | Jun 29, 2020 Cisco Webex Meetings Desktop App Vulnerability This threat report is about a Cisco Webex Meetings Desktop App vulnerability referred to as CVE-2020-3263 with Cisco updates to remediate. Learn More
Blog | Jun 25, 2020 Cloud Security Defense in Depth (What Is It & How To Utilize It) Learn the argument for defense cloud security, the unique challenges of implementing cloud cybersecurity, & how to protect your cloud environment. Learn More
Blog | Jun 25, 2020 First HIPAA Risk Assessment? Here's how to be prepared This article provides an introduction to HIPAA risk analysis and four things to remember when preparing for your first HIPAA risk assessment. Learn More
Blog | Jun 23, 2020 Ransomware Prevention to Incident Response This article covers ransomware prevention to incident response to help you protect against ransomware or recover from a ransomware attack. Learn More
Blog | Jun 22, 2020 New FK_Undead Malware Modules This threat report is about a set of new modules added to the FK_Undead malware and provides actionable intelligence to protect against this threat. Learn More
Blog | Jun 17, 2020 10 factors for Cloud Security during selection and implementation Cloud security during selection and implementation that considers data governance, data security, and remote workforce's usage of technology. Learn More
Blog | Jun 16, 2020 Do I have to be PCI compliant? This article offers PCI DSS information to help you answer important questions, and explains the QSA's role and how to avoid heavy fines. Learn More
Blog | Jun 11, 2020 Does HIPAA apply to me? "Does HIPAA Apply to Me?" answers if your organization must be HIPAA compliant and how to adhere to HIPAA Rules for protected health information (PHI). Learn More
Blog | Jun 10, 2020 VMWare Tools Vulnerability Allows Administrative Access This threat report is about VMware tools vulnerability CVE-2020-3957 that can allow an attacker to gain administrative level privileges on a system. Learn More
Blog | Jun 9, 2020 Password Spray Attack Q&A with a Penetration Tester Learn from a pen testing expert about the password spray attack hackers use to gain account access and how to protect against this type of cyber attack. Learn More
Blog | Jun 3, 2020 PCI DSS business as usual: The pandemic proved why businesses should adhere PCI DSS Business as Usual is the best way to ensure you're protecting credit card data as part of regular operations. The pandemic proved this. Learn how. Learn More
Blog | Jun 2, 2020 Monitoring Telework Security with Disappearing Network Perimeters Establishing ways of monitoring telework security with disappearing network perimeters, securing endpoints, and considering employee privacy is crucial. Learn More
Blog | May 28, 2020 5 Considerations for writing New Remote Workforce Policies and Procedures Writing new remote workforce policies and procedures for cybersecurity requires special considerations, which we explore in this article. Learn More
Blog | May 27, 2020 3 differences in Incident Response for a new remote workforce Explore incident response for a new remote workforce and how to prepare for an incident response team (IRT) answering to a security incident. Learn More
Blog | May 27, 2020 Ramsay Malware targets Windows OS This threat report is about Ramsay malware that targets Windows operating system hosts to steal valuable intelligence for espionage-related reasons. Learn More
Blog | May 26, 2020 Gauging Risk Tolerance for Remote Workforce Security versus Privacy As organizations adjust to and consider permanently adopting a telework model, they must consider the privacy vs. remote workforce security implications. Learn More
Blog | May 21, 2020 The Importance of Identity Management and Governance for Telework Security The importance of identity management and governance for telework security was revealed with the shift to telecommuting for pandemic response. Learn more. Learn More