#ASM

Intelligence Blog

CISA Orders Urgent Patching of SonicWall Vulnerability Amid Ransomware Exploits

Anup Ghosh

Sep 151 min read

CISA Orders Urgent Patching of SonicWall Vulnerability Amid Ransomware Exploits

#CISA #ASM The Download The Cybersecurity and Infrastructure Security Agency (CISA) has mandated the immediate patching of a critical...

11 views

Palo Alto Networks Zero-Day Exploited Since Late March 2024

Anup Ghosh

Apr 141 min read

Palo Alto Networks Zero-Day Exploited Since Late March 2024

#asm The Download Researchers at security firm Volexity claim nation state adversaries have been exploiting Palo Alto zero-Day, now known...

20 views

CISA Breach Affects Over 100,000 Individuals

Anup Ghosh

Apr 71 min read

CISA Breach Affects Over 100,000 Individuals

#asm The Download In Congressional testimony, CISA Executive Director testified that information on 100,000 individuals were compromised...

59 views

Anup Ghosh

Apr 71 min read

9 out of 10 Cyber Attacks Use RDP

#asm The Download Sophos published a research report analyzing 150 incident response cases its IR team worked in 2023. In a startling...

41 views

Germany Warns 17,000 Unpatched Microsoft Exchange Servers Pose Risk

Anup Ghosh

Mar 311 min read

Germany Warns 17,000 Unpatched Microsoft Exchange Servers Pose Risk

#asm The Download The German agency responsible for information security, BIS, warned last week that over 17,000 unpatched Microsoft...

26 views

Sign1 Malware Infects Over 39,000 WordPress Sites

Anup Ghosh

Mar 241 min read

Sign1 Malware Infects Over 39,000 WordPress Sites

#asm The Download Security research firm Sucuri says over 39,000 websites have been compromised with Sign1 malware that exploits...

11 views

Chinese Group Sold Access to US & UK Networks by Exploiting F5 & ScreenConnect Vulnerabilities

Anup Ghosh

Mar 241 min read

Chinese Group Sold Access to US & UK Networks by Exploiting F5 & ScreenConnect Vulnerabilities

#asm The Download Google's Mandiant division assesses with moderate confidence the Chinese group UNC5174, which also goes by Uteus, is...

15 views

CISA Compromised by Ivanti Vulnerability it Warned About

Anup Ghosh

Mar 171 min read

CISA Compromised by Ivanti Vulnerability it Warned About

#asm The Download In another follow-up to a story from earlier this year, CISA disclosed its servers have been compromised following...

28 views

TeamCity Flaw Actively Exploited to Create Hundreds of New Accounts

Anup Ghosh

Mar 171 min read

TeamCity Flaw Actively Exploited to Create Hundreds of New Accounts

#ASM The Download In February, we warned about a vulnerability from JetBrains in the TeamCity software used by many software companies to...

8 views

Midnight Blizzard Leverages Microsoft Emails to Attack Downstream MSPs

Anup Ghosh

Mar 92 min read

Midnight Blizzard Leverages Microsoft Emails to Attack Downstream MSPs

#asm #midnightblizzard #cozybear #apt29 #svr #msp The Download Microsoft revealed this week that the Midnight Blizzard (Russian SVR)...

20 views

VMWare Sandbox Escape Vulnerability Deemed Critical

Anup Ghosh

Mar 71 min read

VMWare Sandbox Escape Vulnerability Deemed Critical

#vmware #hypervisorescape #asm The Download One of the most important attributes of a virtual machine is the separation that hypervisors...

19 views

CA Town Declares Cyber State of Emergency After Ransomware Attack

Anup Ghosh

Mar 21 min read

CA Town Declares Cyber State of Emergency After Ransomware Attack

#ransomware #asm The Download In what may be a first for an American city, the city manager of Oakley CA declared a state of emergency...

81 views

ConnectWise Discloses Severe ScreenConnect Vulns Under Active Exploitation

Anup Ghosh

Feb 242 min read

ConnectWise Discloses Severe ScreenConnect Vulns Under Active Exploitation

#ASM #MSP The Download If you are running an on-prem version of ConnectWise ScreenConnect that has not been patched this week, you need...

17 views

JetBrains Announces RCE Vulnerability for its On Premise TeamCity Software

Anup Ghosh

Feb 171 min read

JetBrains Announces RCE Vulnerability for its On Premise TeamCity Software

#ASM #vulnerabilitymanagement The Download If you run on-premise software for SDLC from JetBrains, this vulnerability is worth paying...

21 views

Fortinet VPN Targeted by Chinese Actor Volt Typhoon Attacks

Anup Ghosh

Feb 111 min read

Fortinet VPN Targeted by Chinese Actor Volt Typhoon Attacks

#ASM #VPN #VoltTyphoon The Download Tell me if this sounds familiar: Chinese adversaries exploiting VPN flaw from major security vendor....

37 views

Anup Ghosh

Feb 82 min read

Ransomware Payments Top $1B in 2023

#ASM #ransomware The Download In case you thought ransomware was a fad that faded out, think again. Research firm Chainalysis published...

19 views

What We Can Learn from the Midnight Blizzard Attack on Microsoft

Anup Ghosh

Jan 273 min read

What We Can Learn from the Midnight Blizzard Attack on Microsoft

#ASM #MidnightBlizzard #CozyBear #Nobelium #APT29 #UNC2452 #CTI On January 12, 2024, Microsoft detected an attack on their email systems...

63 views

Web Applications: Don't Sleep on this Attack Surface

Anup Ghosh

Jan 262 min read

Web Applications: Don't Sleep on this Attack Surface

#pentesting #webapplicationsecurity #ASM #WordPressplugins We talk a lot about attack surfaces because it is a useful construct in...

25 views

Hackers Exploiting Confluence RCE Vulnerability

Anup Ghosh

Jan 231 min read

Hackers Exploiting Confluence RCE Vulnerability

#cybersecurity #asm #ai #aisecurity Summary Cyber heroes take note: hackers are beginning to exploit a critical RCE vulnerability in...

33 views

CISA Issues Emergency Directive on Connect Secure Vulnerability

Anup Ghosh

Jan 191 min read

CISA Issues Emergency Directive on Connect Secure Vulnerability

#ASM #CISA #EmergencyDirective #ConnectSecure #whatsonyourattacksurface CISA issued a rare emergency directive instructing all Federal...

41 views

Intelligence Blog

Subscribe to the Threat Intelligence Digest for your Early Warning

Privacy Policy