Multiple vulnerabilities have been discovered in Cisco Webex Network Recording Player and Cisco Webex Player that could allow for arbitrary code execution. The Webex meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco...
Learning & Resource Center
Articles
Most Popular Posts
OSN June 3, 2021
Title: White House Urges Businesses to "Take Ransomware Crime Seriously" Date Published: June 3, 2021 https://www.bleepingcomputer.com/news/security/white-house-urges-businesses-to-take-ransomware-crime-seriously/ Excerpt: "The most important takeaway from the recent...
OSN June 2, 2021
Title: Internet Domains Used by APT29 in Phishing Attacks Seized by the U.S. Date Published: June 2, 2021 https://heimdalsecurity.com/blog/internet-domains-used-by-apt29-in-phishing-attacks-seized-by-the-us/ Excerpt: "The domains seized are theyardservice[.]com and...
Mozilla Firefox Vulnerabilities Allow Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and Mozilla Firefox for iOS, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet....
Russian Hackers Target Government Agencies, Think Tanks and NGO’s
The Russian-based hackers behind the SolarWinds cyber attack have launched a new campaign that appears to target government agencies, think tanks and non-governmental organizations, Microsoft said Thursday. Nobelium launched the current attacks after getting access to...
OSN June 1, 2021
Title: New Epsilon Red Ransomware Hunts Unpatched Microsoft Exchange Servers Date Published: May 29, 2021 https://www.bleepingcomputer.com/news/security/new-epsilon-red-ransomware-hunts-unpatched-microsoft-exchange-servers/ Excerpt: "Incident responders at...
OSN May 27, 2021
Title: Microsoft Warns of the StrRAT Malware Campaign Targeting Windows Systems Date Published: May 27, 2021 https://thesecmasterblog.medium.com/microsoft-warns-of-the-strrat-malware-campaign-targeting-windows-systems-the-sec-master-97cfa4d3a582 Excerpt: "The files...
Commemoration of Tulsa Race Massacre Attractive Target DVE’s
While we there isn't a specific or credible intelligence indicating that violent extremists are planning to target events taking place between May 28th and June 1st, the current Homeland threat environment remains heightened and racially or ethnically motivated...
VMware vCenter Server Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in VMware vCenter Server, the most severe of which could allow for remote code execution. VMware vCenter Server is a centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts,...
Articles
Advisories
VMware vCenter Server Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in VMware vCenter Server, the most severe of which could allow for remote code execution. VMware vCenter Server is a centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts,...
White House Memorandum to Corporate Executives on Ransomware
Earlier this morning, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) widely disseminated to industry partners across all sectors a memorandum from Anne Neuberger, Deputy Assistant to the President and Deputy National...
Cisco Webex Applications Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Cisco Webex Network Recording Player and Cisco Webex Player that could allow for arbitrary code execution. The Webex meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco...
Articles
Research & Situational Awareness
Spear-Phishing Campaign Impersonates US-based Financial Brand
In a recent spear-phishing campaign, cyber actors impersonated a US-based financial institution’s brand in an attempt to get recipients to download a Windows application unaffiliated with the financial institution. The unknown cyber actors tailored the campaign to...
Lockbit Ransomware Targets United Kingdom Rail Network
On Wednesday, April 28, 2021, Merseyrail, a British railway company that operates in and around the city of Liverpool in northwestern England, confirmed a successful attack by cybercriminals using the LockBit ransomware. Merseyrail provides commuter train service...
SVR Cyber Operations Tactics, Techniques and Procedures
The Federal Bureau of Investigation (FBI) and US Department of Homeland Security (DHS) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek...
Articles
Company News
Fortify 24×7 Named To ChannelE2E Top 100 Vertical Market MSPs
May 5, 2020, Point Roberts, WA: Fortify 24x7 has been named to After Nines Inc.’s ChannelE2E Top 100 Vertical Market MSPs list and research (https://www.channelE2E.com/top100) for 2020. The annual list and research identify and honor the top 100 managed services...
Fortify 24×7 Named To 2019 MSSP Alert Top 200 MSSP List
On September 19, 2019, MSSP Alert, published by After Nines Inc., has named Fortify 24x7 to the Top 200 MSSPs list for 2019 (https://www.msspalert.com/top200). The list and research identify and honor the top 200 managed security services providers (MSSPs) that...