Cyber security researchers discovered a vulnerability in how Mitel products handle a specially crafted single UDP packet sent to one of its devices that could allow for a massive amplification attack. With relatively little effort an attacker would be able to D-DOS a victim by leveraging this flaw in Mitel VoIP systems. With a ratio […]
Mitel DDos amplification attack Read More »
APC Smart-UPS a division of Schneider Electric notified its customers today of a critical vulnerability in which bad actors could remotely execute commands with zero clicks from end users. Given the widespread use of APC Smart-UPS it is recommended that all organizations patch their systems ASAP and utilize security best practices to segment network devices
Schneider Electric Security Notification Read More »
Today Google announced that is has acquired cyber security firm Mandiant for approximately $5.4 billion in cash. Mandiant will join the Google Cloud offering that includes BeyondCorp, VirusTotal, and Chronicle augmenting Google Cloud’s current security offerings. https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html#comment-box
Google Announces Intent to Acquire Mandiant Read More »
CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise. Note: to view
CISA Adds 11 Known Exploited Vulnerabilities to Catalog Read More »
I read an interesting article today on the importance of a global collective for threat intelligence. As I read the article, I realized we have all the technology in place, but it may not be utilized to its fullest. I assume that this is one of two things. First, it could be a legacy mindset