Vulnerability & Threat Management


Ransomware in India: the SamSam Ransomware and Beyond

2018-08-15T12:52:48-07:00 | August 15th, 2018 | Vulnerability & Threat Management

A Sophos survey shed light on the state of ransomware in India. It revealed that 67 percent of Indian respondents reported being hit by ransomware in the last year. Due to a number of factors, it’s likely Indian businesses will see an increase in cyberattacks in the near future. SamSam ransomware could be one of [...]


Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

2018-07-30T09:23:30-07:00 | July 27th, 2018 | Threat Intelligence

A critical Oracle WebLogic vulnerability (CVE-2018-2893) is being exploited by attackers three days after the publication of a proof of concept. Since the sample exploit code was released, exploitation attempts have risen. The vulnerability has received a "critical" severity level and a score of 9.8 out of 10 on the [...]


Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware

2018-07-26T14:31:09-07:00 | July 26th, 2018 | Vulnerability & Threat Management

Cryptominers have surpassed ransomware as the cybercriminal’s tool-of-choice in the first half of 2018. That’s according to the mid-year update to the Vulnerability and Threat Trends Report. The report is compiled by the Skybox Research Lab and includes security analyst research of the vulnerabilities, exploits and threats that are shaping the threat landscape. It explores trends observed [...]


Spectre Reemerges With Two New Variants

2018-07-20T16:32:25-07:00 | July 20th, 2018 | Vulnerability & Threat Management

In January 2018, chip-level design flaws, dubbed Spectre and Meltdown, in Intel processors made headlines as they affected every Intel chip for the last decade. The vulnerabilities could allow any application running in user-level mode to access protected kernel memory areas. The next day, researchers announced Spectre (CVE-2017-5753 and CVE-2017-5715) was present [...]


Cisco ASA Vulnerabilities See POC and Active Exploits

2018-07-03T13:44:31-07:00 | July 3rd, 2018 | Uncategorized, Vulnerability & Threat Management

A vulnerability recently surfaced in Cisco ASA, affecting Cisco Firepower and other Cisco devices. Exploiting the vulnerability (CVE-2018-0296) could cause an affected device to reload unexpectedly, allowing remote denial-of-service or information disclosure due to a path traversal issue. The vulnerability exists in the web interface and applies to IPv4 and IPv6 traffic. It does not [...]


Thousands of Open Source Projects at Risk Due to Zip Slip Vulnerability

2018-06-18T15:37:25-07:00 | June 11th, 2018 | Vulnerability & Threat Management

An archive extraction vulnerability known as Zip Slip is putting thousands of open source projects across many ecosystems at risk. These projects belong to recognizable companies including Amazon, HP, Apache and many others. The June 5, 2018 disclosure was published shortly after the Zip Slip vulnerability was discovered by the Snyk Security team sometime during the [...]


VPNFilter Malware: What we know so far on the router threat

2019-03-08T12:58:10-07:00 | May 28th, 2018 | Threat Intelligence

Recently, malware known as “VPNFilter” was discovered infecting various types of routers. VPNFilter is a modular, multi-stage malware that works mainly on home or small office routers. Since 2016, when the malware was initially introduced, it has compromised more than 500,000 home and small office routers and NAS boxes. Infection of such a large [...]