Tag selected: Vulnerability

Massive Kaseya attack demands up to $70 million ransom from more than 200 US businesses
Florida-based IT company Kaseya has been targeted in a ‘colossal’ ransomware attack, believed to be at the hands of the Russia-linked REvil group taking advantage of an existing vulnerability in its servers. The attack happened on Friday 2nd July, as businesses across the US wound down for the long...
The most critical vulnerabilities right now
We may not yet be at the halfway point of 2021 but, over the course of the past 4 and a half months, Blueliv has already observed over 4,900 critical CVEs spanning widely used products from global vendors such as Panasonic, Cisco, Microsoft, and of course SolarWinds. It is...
Vulnerable Microsoft Exchange servers leave thousands of organizations compromised
This week it was reported that tens of thousands of organizations around the world were compromised using several Microsoft Exchange 0-days. Since then attackers have been busy targeting the compromised organizations in what is now presumed to be a more devastating attack than 2020’s SolarWinds incident. In the days...
RDPalooza: RDPs in the World of Cybercrime
  Key Points  Remote Desktop Protocol (RDP) is a built-in part of the Windows toolkit popular for facilitating remote work. Cybercriminals take interest in compromising RDP endpoints as they provide direct access into a victim environment via a graphic interface.   Internet-facing RDP endpoints – colloquially known among cybercriminals...
Why Threat Intelligence is Central to Effective Vulnerability Prioritization
Vulnerability management is a persistent feature of good cybersecurity practice; a routine hygiene to help proactively reduce organizational risk. But vulnerability management is also a somewhat blunt instrument when faced with a critical mass of threats, each evolving at a different pace and each with unique implications for individual...
research-blog
Brief analysis of CVE-2020-0601
Microsoft has recently released a patch for a severe vulnerability affecting Windows 10, and Windows Server 2016 and 2019, as predicted by Brian Krebs amongst others on Monday 13 January 2020. CVE-2020-0601  The flaw, assigned the CVE identifier CVE-2020-0601, involves one of the most basic components of the Windows API, CryptoAPI, which...
Demo Free Trial MSSP
Program