Threat Advisory: ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183)

Threat: Denial of Service via TLS Assertion Failure. Vulnerability: ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183). CVSS: 7.0 HIGH. Vulnerability Publication Date: 05/18/2022. Exploitable: Remotely. Description: BIND is the most widely used DNS server software. CVE-2022-1183 allows for a TLS session to be terminated early, resulting in an assertion failure. BIND […]
What To Know About The Top 15 Exploited Vulnerabilities

A recent joint cybersecurity advisory from U.S. and allied cybersecurity authorities identified the top exploited vulnerabilities and exposures (CVEs).
Threat Advisory: Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809)

Threat: Remote Code Execution through Microsoft RPC. Vulnerability: Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809). CVSS: 9.8 CRITICAL. Vulnerability Publication Date: 4/12/2022. Exploits Available: Most Likely. Description: Of the 128 vulnerabilities in Microsoft’s April patch, 10 have a critical severity, but CVE-2022-26809 is raising the most concern. The vulnerability affects […]
Threat Advisory: Spring Framework Spring4Shell Vulnerability (CVE-2022-22965)

Threat: Remote Code Execution (RCE) in the Java Spring Framework. Vulnerability: Spring Framework Spring4Shell (CVE-2022-22965). CVSS: 9.8 CRITICAL. Vulnerability Publication Date: 3/31/2022. Exploits Available. Description: The Spring4Shell Remote Code Execution vulnerability affects Apache Tomcat servers running JDK9+ with Spring library versions prior to 5.2.20 or 5.3.x prior to 5.3.18. After 26 years of […]
Cyber Advisory: Heightened Awareness Related to Russian Cyberattacks

As the Russian invasion of Ukraine progresses, a heightened awareness of the potential cyber activities associated with the spillover of Russian cyberattacks is necessary.
Four Questions Your Board Will Ask You About Cyber Risk

Here are the top 4 questions you should expect board members to ask you, and how you can best answer them.
How Integrated Cyber Risk Management Helps Your Organization

In today’s world, organizations need accurate and complete visibility into their entire asset inventory, associated vulnerabilities, and threat landscape, including third-party risks, to understand their complete risk exposure levels and develop a plan for improved cyber risk management outcomes. The problem is, there are a lot of risk management solutions that claim to […]
Cyber Risk Scoring - The FortifyData Scoring Methodology

Cyber risk scoring and security rating methodology for the FortifyData security rating, with the score ranges explained.
How to Identify and Mitigate Risks Associated with Log4j Vulnerability

The Log4j vulnerability allows remote attackers to run arbitrary code on any application that uses Log4j. Here’s how to mitigate the risk.
Four reasons your current cybersecurity rating is not comprehensive

Are you using a cybersecurity risk rating to assess cyber risk exposure? Is it comprehensive and accurate? Learn the four reasons it may not be.