Blog
Cyber Threat Report
CASE STUDY

Firmware Flaws Could Spell 'Lights Out' for Servers
Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access. Read More

Colonoscopy Prep Retail Website Breach Festered for Years
Personal Data of 244,000 in Flux After Malware Probe of Gastroenterologist Vendor.  Read More

Qualcomm, and Lenovo Flag Multiple High-Impact Firmware Vulnerabilities
“We opened Pandora’s box of ARM devices UEFI firmware vulnerabilities impacting enterprise vendors.” Read More

A New Microsoft Exchange Flaw is Being Used to Attack Servers
Delivers remote access tools and remote administration software. Exploit also chain bypasses mitigations. Read More

Maryland Bars State Employees from Using Kaspersky, TikTok, Huawei, and Others
The companies include Huawei Technologies, ZTE Corp., Alibaba-owned AliPay, Tecent-owned Tencent QQ, WeChat, and QQWallet, as well as Russian-owned cybersecurity and antivirus firm Kaspersky. Read More

FTC Holds Company’s CEO Personally Liable for Security Failures
The FTC found that the company and its CEO had failed to develop and implement appropriate measures to protect consumers' personal information. Read More

Data Breaches Rise By 70% Globally in Q3 2022
The top five countries and regions most affected by data breaches in Q3 2022 were Russia, France, Indonesia, the US, and Spain. Read More

Multiple Cisco Products Impacted by L2 Network Security Control Bypass Flaws 
Cisco this week has confirmed that tens of its enterprise routers and switches are impacted by bypass vulnerabilities in the Layer-2 (L2) network security controls. Read More

Apple Releases Another Urgent IOS Security Patch, So Install Now
Apple has released an urgent security patch that addresses multiple flaws in different versions of iOS, iPad OS, and macOS. Some of these flaws, the company confirmed, are being actively abused in the wild.  Read More

Researchers say Cisco Firewall Software Remains Vulnerable to Attack Despite Patch
Rapid7 researchers conduct a test on Cisco's firewall where they find a major threat in Adaptive Security Software, ASDM, and Firepower Services Software for ASA, which was left unpatched for months. Read More