Correlating GeoIP Lookups
Knowing when and where a user login was performed is often a good first step to identifying and confirming anomalous behavior in your environment. For example, if all of your users...
Read MoreCitrix NetScaler ADC and Gateway Auth Bypass Vulnerability CVE-2023-4966 (Citrix Bleed)
What Happened? Security researchers at AssetNote uncovered an easily exploitable authentication bypass vulnerability when investigating Citrix patch updates related to �...
Read MoreEmerging Threat: CVE-2023-20198 – CVSS 10 Vulnerability in Cisco IOS Web UI Allows for Privilege Escalation
What Happened? Cisco has published a security advisory tracking the active exploitation of a new zero-day vulnerability in the Cisco IOS Web UI. This flaw affects all ve...
Read MoreNotable Increase in Password Spraying Activity Against Cisco ASA SSL VPNs
What Happened? Rapid7 has reported active exploitation of Cisco ASA SSL VPNs. This is not the result of a new CVE or vulnerability, but rather an observable increase in successful...
Read MoreQueueJumper (CVE-2023-21554) Enables Remote Execution with MSMQ
What Happened? Wayne Low of Fortinet's FortiGuard Lab and Haifei Li of Check Point Research discovered a series of vulnerabilities in Windows Message Queuing (MSMQ), the most seri...
Read MoreFortinet SSL-VPN RCE Vulnerability (CVE-2022-40684) Exploited In The Wild
What Happened French cybersecurity firm Olympe Cyberdefense discovered and disclosed a zero-day vulnerability in Fortinet (CVE-2022-40684) that enables unauthenticated remote code...
Read More