CYBER Threat Intelligence Reports

LATEST CTIs

CVE-2023-50378 Apache Ambari Stored Cross-Site Scripting Vulnerability

The security flaw CVE-2023-50378 in Apache Ambari, a Hadoop cluster management tool, is a stored cross-site scripting (XSS) vulnerability that allows attackers to inject malicious…

Read more >

Microsoft Resolves Outlook Sync Issue Over Exchange ActiveSync

Microsoft has addressed a synchronization issue affecting some Microsoft 365 users' Outlook desktop clients, which prevented them from connecting to email servers via Exchange ActiveSync…

Read more >

Addition of CVE-2023-29360 to CISA’s Known Exploited Vulnerabilities Catalog

CISA has updated its Known Exploited Vulnerabilities Catalog with CVE-2023-29360, a vulnerability in Microsoft Streaming Service. This addition, based on evidence of active exploitation, highlights…

Read more >

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

In a significant legal victory for Meta, a U.S. judge has ordered NSO Group to provide the source code for its Pegasus spyware, following a…

Read more >

ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1709 and CVE-2024-1708)

Sophos X-Ops warns of critical vulnerabilities in ConnectWise ScreenConnect, affecting versions prior to 23.9.8. CVE-2024-1709 and CVE-2024-1708 pose severe risks, enabling remote code execution and…

Read more >

Urgent Security Alert: SQL Injection Vulnerability in WordPress Ultimate Member Plugin (CVE-2024-1071)

A critical SQL Injection vulnerability, CVE-2024-1071, affects the Ultimate Member WordPress plugin versions 2.1.3 to 2.8.2, impacting over 200,000 sites. Update to version 2.8.3 immediately…

Read more >

CISA: Mozilla Releases Security Updates for Firefox and Thunderbird to Address Critical Vulnerabilities

On February 21, 2024, Mozilla released critical security updates for Firefox, Firefox ESR, and Thunderbird to address vulnerabilities that could allow cyber threat actors to…

Read more >

Vulnerability in RSS Aggregator by Feedzy Plugin (CVE-2024-1317)

The RSS Aggregator by Feedzy plugin for WordPress has a vulnerability (CVE-2024-1317) in versions up to 4.4.2, allowing SQL injection attacks by authenticated users with…

Read more >

Security Flaw in VMware’s Enhanced Authentication Plugin (EAP) Puts Active Directory at Risk

VMware urges users to uninstall the Enhanced Authentication Plugin (EAP) due to a critical flaw (CVE-2024-22245, CVSS score: 9.6) that compromises Active Directory. A related…

Read more >

Cybersecurity Best Practice

Red Team Penetration Testing: Creating Realistic Attack Scenarios

Red team penetration testing simulates real-world attacks to perform an assessment on effectiveness of security defenses.

Read more >

red team penetration testing

API Penetration Testing Tools and Techniques: Best Practices

Learn the tools, techniques, and best practices for performing thorough API penetration testing to uncover vulnerabilities in web service interfaces before attackers can exploit them.

Read more >

Annual Vs. Continuous Penetration Testing: Which Is Right for Your Business?

Is Annual pen testing enough or do you really need continuous penetration testing to ensure your business doesn't have any exploitable vulnerabilities?

Read more >

Annual Vs. Continuous Penetration Testing - Which Is Right for Your Business

Ensuring API Security: A Guide to API Penetration Testing

APIs allow different software applications to communicate with each other, facilitating data transmission and functionality. However, the rise in API usage has also led to…

Read more >

Ensuring API Security: A Guide to API Penetration Testing

Beyond Traditional Testing: The Power Of Red Team Penetration Testing

Discover the game-changing benefits of Red Team Penetration Testing and unlock your business's true security potential. Don't settle for traditional methods!

Read more >

Beyond Traditional Testing The Power Of Red Team Penetration Testing

Diving Deeper: Understanding Different Types Of Penetration Testing

Discover the different type of penetration testing. Uncover levels of testing that will keep your systems secure. Dive in now!

Read more >

Different Types Of Penetration Testing
Under Cyber Attack?

Fill out the form and we will contact you immediately.