Threat Groups Actively Targeting Higher Education Institutions
The APT groups and their motives for targeting the higher education industry. FortifyData enriches risk management with cyber threat intel.
Threat Advisory: Chromium Zero Day (MS Edge and Google Chrome)
The Chromium Zero Day Vulnerability (CVE-2022-2294) affects MS Edge and Google Chrome.
Threat Advisory: ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183)
Threat Denial of Service via TLS Assertion Failure Vulnerability ISC BIND 9.18.0 < 9.18.3 Assertion Failure (CVE-2022-1183)1 CVSS – 7.0 HIGH Vulnerability Publication Date 05/18/2022 Exploitable – Remotely Description BIND is the most used DNS server software in use.2 CVE-2022-1183 allows for a TLS session to be terminated early, resulting in an assertion failure. BIND […]
Threat Advisory: Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809)
Threat Remote Code Execution through Microsoft RPC Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-26809)1 CVSS – 9.8 CRITICAL Vulnerability Publication Date – 4/12/2022 Exploits Available – Most Likely Description Of the 128 vulnerabilities in Microsoft’s April patch, 10 have a critical severity but CVE-2022-26809 is raising the most concern. The vulnerability affects […]
Threat Advisory: Spring Framework Spring4Shell Vulnerability (CVE-2022-22965)
Threat Remote Code Execution (RCE) in the Java Spring Framework Vulnerability Spring Framework Spring4Shell (CVE-2022-22965)1 CVSS – 9.8 CRITICAL Vulnerability Publication Date – 3/31/2022 Exploits Available Description The Spring4Shell Remote Code Execution vulnerability affects Apache Tomcat servers running JDK9+ with Spring library versions prior to 5.2.20 or 5.3.x prior to 5.3.18. After 26 years of […]
Cyber Advisory: Heightened Awareness Related to Russian Cyberattacks
As the Russian invasion of Ukraine progresses, having a heightened awareness for the potential cyber activities associated to the spillover of Russian cyberattacks is necessary.
How to Identify and Mitigate Risks Associated with Log4j Vulnerability
The Log4j vulnerability allows remote attackers to run arbitrary code on any application that uses Log4j. Here’s how to mitigate the risk.