<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: critical-vulnerability

6 Cybersecurity Mistakes Every Organization Should Avoid

 

All it takes is one mistake, one wrong click or weak password, one unpatched vulnerability, for a malicious threat actor to infiltrate your network. Once they are inside, the options are endless. Security can never be 100% airtight, but making sure you have strong armor at the frontline will critically minimize the attacks that have a chance of penetrating your network. How is this defense built? Most of the time, our mind jumps right to the tools – which technologies can we use to armor up? But effective security is much more than that – setting in place the right mindset, personnel, processes AND tools is the key to keeping your data secure. In this blog post, we will share critical mistakes that managers, IT teams and employees alike should be aware of in order to make the right choices and keep the company network safe.

Read More

Share this:

Anonymous Hacker Discloses Critical Zero-Day vBulletin Exploit

A zero-day remote code execution vulnerability in vBulletin, an extremely popular internet forum software used on more than 100,000 websites, was discovered and exposed this week.

Read More

Share this:

How to Mitigate Microsoft Windows Zero-Days Exploiting Enterprises & Giving Attackers Control

 

On top of the RDP vulnerability out there, additional Microsoft Windows zero-days are out there, which can exploit enterprises and give attackers full system control. The RDP vulnerability had the potential to be used in a WannaCry like worm. 

Read More

Share this:

ThreatSTOP & The Libssh Vulnerability: What You Need To Know

This week, the libssh project announced a serious bug in versions of their library released in the last few years.

Read More

Share this:

ThreatSTOP's Anti-Venom for CVE-2015-3456

A critical vulnerability identified by the National Vulnerability Database as CVE-2015-3456 or VENOM was published yesterday. It affects all KVM guests running on QEMU--a widely used emulator for virtual server hosting. This command and control vulnerability may allow a malicious user to escape guest environments and take full control of the operating system hosting. Like Heartbleed and Shellshock last year, this is a significant risk for organizations that could lead to the exfiltration of sensitive and proprietary data. Unchecked, this can impact thousands of organizations and millions of end users that rely on affected virtual machines for the distribution of shared computing resources.

Read More

Share this:

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter