Multiple vulnerabilities have been discovered in WordPress, the most severe of which could allow for SQL injection. WordPress is an open source content management system (CMS) which assist in the creation and hosting of web applications. Successful exploitation of the...
Learning & Resource Center
Articles
Most Popular Posts
Google Android OS Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to,...
Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could...
Adobe Products could allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for Arbitrary Code Execution. Premiere Rush is a video editor. Experience Manager is a comprehensive content management solution for building websites, mobile apps...
Update 2 – Apache Log4j
A vulnerability has been discovered in Apache Log4j, a very ubiquitous logging package for Java. Successful exploitation of this vulnerability could allow for arbitrary code execution within the context of the systems and services that use the Java logging library,...
December 2021 – Microsoft Patch Tuesday
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs;...
Apple Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch. iPadOS is the successor to iOS 12 and...
Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could...
Apache Log4j – Update 1
A vulnerability has been discovered in Apache Log4j, a very ubiquitous logging package for Java. Successful exploitation of this vulnerability could allow for arbitrary code execution within the context of the systems and services that use the Java logging library,...
Articles
Advisories
Multiple Adobe Products could allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for Arbitrary Code Execution. Acrobat and Reader is a family of application software and Web services mainly used to create, view, and edit PDF documents. Illustrator...
Mozilla Firefox Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR), and Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox...
January 2022 – Microsoft Patch Tuesday
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs;...
Articles
Research & Situational Awareness
SIM Swapping Attacks to Steal Cryptocurrency to Become Prominent
Unidentified actors are conducting subscriber identity module (SIM) attacks and stealing cryptocurrency from victims, resulting in financial loss to cryptocurrency investors. Reporting indicates, unidentified actors withdrew cryptocurrency worth over $600,000 from...
Stabbing Attack Injures Multiple Victims on Passenger Train
A yet to be identified male attacker, armed with a knife, stabbed at least 10 passengers on board a commuter train in the Japanese capital, Tokyo, on Friday night, August 6. The attack occurred on an evening commuter train in Tokyo's Setagaya ward, which is located in...
Beware of Grandparent Fraud Scheme Using Couriers
Criminal actors target elderly U.S. citizens in a grandparent fraud scheme in which they arrange for couriers to pick up bail money in person at the victim’s residence. Criminals telephonically contact their victims and pose as a grandchild, or another family member,...
Articles
Company News
OSN July 6, 2021
Title: REvil Ransomware Asks $70 Million to Decrypt all Kaseya Attack Victims Date Published: July 5, 2021 https://www.bleepingcomputer.com/news/security/revil-ransomware-asks-70-million-to-decrypt-all-kaseya-attack-victims/ Excerpt: “REvil ransomware has set a...
OSN June 14, 2021
Title: REvil Hits US Nuclear Weapons Contractor: Report Date Published: June 11, 2021 https://threatpost.com/revil-hits-us-nuclear-weapons-contractor-sol-oriens/166858/ Excerpt: "Whether REvil – or whichever gang proves to be responsible for the attack – got its hands...
Fortify 24×7 Named to Top 100 Vertical Market MSPs: 2021 Edition
BEGIN PRESS RELEASE: Fortify 24x7 Named to ChannelE2E Top 100 Vertical Market MSPs: 2021 Edition Sixth-Annual List Reveals Leading MSPs In Healthcare, Legal, Government, Financial Services & More May 26, 2021, Point Robets, WA: For the third year in a row, Fortify...