zero-day
Response to ScreenConnect’s Recent Zero-day Vulnerability Exploitation
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) ...
ConnectWise ScreenConnect Vulnerability: Urgent Update
ConnectWise announce ScreenConnect vulnerability, with admins urged to update on-prem servers to 23.9.8, immediately : ScreenConnect 23.9.8 Update Here : Earlier this week, critical vulnerabilities were disclosed by ConnectWise in their widely ...
VMware Urges Immediate EAP Uninstall: CVE-2024-22245
VMware is making an urgent call for admins to uninstall the now-defunct authentication plugin, EAP: CVE-2024-22245/ CVE-2024-22250 The Enhanced Authentication Plugin (EAP), once a staple for seamless vSphere management interface logins via ...
Why Real-Time Behavior Analytics is Critical
Real-time behavior analytics enables immediate detection and response, significantly enhancing security and reducing the window for damage The ability to not only understand but also immediately respond to threats as they occur ...
Driving Towards Zero-Days: Hackers Take Turns Uncovering Exploits at Pwn20wn
Hackathon events like Pwn2Own Automotive 2024 play a crucial role in shedding light on zero-day attacks and significantly benefit security teams in several ways. These events bring together talented security researchers, ethical ...
Ivanti VPN Zero-Day Combo Chained ‘by China’
Under active exploitation since last year—but still no patch available ...
New iPhone Exploit Uses Four Zero-Days
Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” It’s a zero-click exploit ...
The Dual Solution to Zero-Day Attacks
Microsegmentation and file integrity monitoring (FIM) for peace of mind against zero-day attacks When I speak to our clients, it’s clear that zero-day attacks represent one of the most challenging threats to ...
Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in
Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10 ...
Zero-Day Vulnerabilities Unveiled: What Small Businesses Must Know in 2023
Introduction In the ever-evolving landscape of cybersecurity, few terms evoke as much concern as “zero-day vulnerabilities.” These are the hidden flaws within software that, when exploited, can wreak havoc before anyone even ...