Under Attack?
Get to grips with Threat Exposure Management this Computer Security Day
Today is Computer Security Day so what better time to take a closer look at a hot topic in the realm of cyber security, Threat Exposure Management.
Posts about:
Breaches, Alerts & Advisories (3)
Detecting and responding to threats in the Microsoft ecosystem
With Microsoft Windows having a 74% share of the desktop OS market worldwide, it's a pivotal platform within most organisations' IT environments. Furthermore, considering that four out of every five Fortune 500 companies harness the power of Microsoft Office 365—nearly half of the office productivity software market—it’s clear why securing the Microsoft ecosystem is so crucial.
Advisory: CVE-2023-36845 – Unauthenticated Remote Code Execution Vulnerability
Background On The Vulnerability:
In August, Juniper disclosed the following 4 vulnerabilities which individually received maximum CVSS score of 5.4.
T he 4 vulnerabilities are covered under the following categories “PHP environment variant manipulation” and “Missing Authentication for Critical Function”.
When chained together, the vulnerabilities provide a CVSS score of 9.8.
- CVE-2023-36844
- CVE-2023-36845
- CVE-2023-36846
- CVE-2023-36847
T he 4 vulnerabilities are covered under the following categories “PHP environment variant manipulation” and “Missing Authentication for Critical Function”.
When chained together, the vulnerabilities provide a CVSS score of 9.8.
Advisory: CVE-2023-4863 – Critical WEBP Bug
Background On The Vulnerability:
Date Vulnerability was discovered by Citizen Lab: September 6th/7th
Cyber Security Forecast: Trends for the rest of 2023
Continuing our series on the most significant cyber-attacks this year, Integrity360's incident response team has turned its attention to the cyber security trends that we expect to surface in the latter half of the year.
What are the different types of Vulnerabilities in cyber security?
Cyber security is an indispensable aspect of any business operation. Recognising and understanding vulnerabilities - the potential risks that could compromise an organisation's cyber security - are critical. These latent risks become real and potentially damaging threats when exploited by a threat actor or accidentally by user error, leading to disastrous consequences like data breaches, malware infections, financial loss, and/or a loss of business-critical services.
The Biggest Cyber Attacks of 2023 (So far) Part 2
In part 2 of our series on the major cyberattacks of 2023 we'll be examining the attacks on Royal Mail and JD Sports. We'll also take a closer look at one of the largest DDoS attacks ever documented and delve into the havoc caused by the Black Basta ransomware spree.
The Biggest Cyber Attacks of 2023 (So far) Part 1
We’re already at the midway point of 2023 and so far there plenty of cyber incidents have hit the headlines. In this blog we take a look at some of the biggest cyber attacks of 2023 (so far).
Weekly Cyber News Roundup – January 30th to February 3rd 2023
In this week’s roundup we take a look at some of the potential implications of the massively popular ChatGPT AI and look at the latest cyber security incidents to have hit the headlines.
Weekly Cyber News Roundup – January 23rd to 27th 2023
This week saw the release of a number of reports showing that payments to ransomware gangs fell in 2022. Our Incident response team offers some insight as to why that might be happening.
Weekly Cyber News Roundup - January 9th to 13th 2023
This week saw Microsoft release patches for nearly 100 vulnerabilities and a new tactic was seen being utilised by the Lorenz ransomware group. Read about both and the biggest cyber news in this week’s roundup.
Weekly Cyber News Roundup - January 2nd to 6th 2023
Happy New Year everyone! 2023 has just begun and the cyber criminals haven’t wasted any time in getting busy attacking businesses and organisations.
.png?width=398&height=65&name=3-ISO-Logos-(1).png)
