A ransomware attack was discovered on the devices of the federal law enforcement agency, that specializes in tracking and apprehending fugitives. The USMS has confirmed breach of confidential data from its devices. The Department of Justice that oversees the US Marshals Service has started investigating the matter and has deemed it a “Major Incident” in …
Indigo, Canada’s largest book retailer, experienced a ransomware attack on February 8, 2023. The company immediately engaged third-party experts to investigate and resolve the situation. To prevent data from being improperly accessed, some of the company’s systems were proactively shut down. Indigo has stated that customer credit and debit card information was not compromised, as …
Cyber Attack on Indigo – Cyber Attacks – Cyber Security Read More »
Buffer overflow Zero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists due to a boundary error within the Windows Graphics Component. A local user can trigger memory corruption and execute arbitrary code with SYSTEM privileges. Note, the vulnerability is …
New Zero Day: CVE-2023-21823, Zero-day vulnerability in Windows Read More »
Security features bypass Zero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to unspecified error when processing files. A remote attacker can trick the victim to open a specially crafted file, bypass Office macro policies used to block untrusted …
New Zero Day: CVE-2023-21715, Zero-day vulnerability in Microsoft Publisher Read More »
Zero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists due to a boundary error in Windows Common Log File System Driver. A local user can trigger memory corruption and execute arbitrary code with SYSTEM privileges. Note, the vulnerability is …
New Zero Day: CVE-2023-23376, Zero-day vulnerability in Windows Read More »
Vulnerability Management Lifecycle Vulnerability management is an essential part of any organization’s security posture. It involves the identification, assessment, and remediation of vulnerabilities in systems, applications, and other assets to minimize the risk of exploitation by malicious actors. The vulnerability management life cycle consists of several stages that work together to ensure that vulnerabilities are …
Vulnerability Management Lifecycle – Cyber Security Essentials Read More »
Apple has released a security advisory for the latest zero day vulnerability in its iOS system.The Vulnerability was released on 13th February 2023 and has been assigned the CVE, CVE-2023-23529. The Vulnerable component is Apple iOS Associated CWE CWE-843 – Access of Resource Using Incompatible Type (‘Type Confusion’) CWE-843 is a weakness in software security …
New Zero Day: CVE-2023-23529, Zero-day vulnerability in Apple iOS Read More »
A new Zero Day Vulnerability has been found in GoAnywhere MFT. GoAnywhere is a popular file transfer application.
What is a Zero Day Vulnerability? Zero Day as a term is used to define vulnerabilities that have been found to be exploited in the Wild, when it was discovered by “friendly” and informed to the vendor of the affected software or program or in some cases to the general public. “Friendly” has been used …
What is Zero Day? – Vulnerability – Definition on Security Terms Read More »
