Zero-Day Vulnerabilities Found in Microsoft Exchange (CVE-2022-41040 and CVE-2022-41082)
What Happened? Two zero-day vulnerabilities were discovered in Microsoft Exchange Server 2013, 2016, and 2019. One vulnerability, CVE-2022-41040 is a Server-Side Request Forgery (...
Read MoreWhy Blumira Launched a Free SIEM
In the past few years we’ve all learned that cybersecurity needs to be a priority for every organization, but it’s not always accessible or affordable for everyone. Unfortunate...
Read MoreLet’s All Calm Down About Spring4Shell
What Happened? On March 30, 2022 rumors began to circulate that a remote code execution (RCE) vulnerability was discovered in Spring Core, the most widely-used lightweight open so...
Read MorePatch Released For Sophos Firewall RCE Vulnerability (CVE-2022-1040)
What Happened? An authentication bypass vulnerability (CVE-2022-1040) that allowed for remote code execution (RCE) was discovered in the User Portal and Webadmin of Sophos Firewal...
Read MoreLapsus$ Claims To Breach Okta Customer Data
What Happened? Okta, an authentication services provider, is investigating a potential customer data breach after the hacker group Lapsus$ posted screenshots on Tuesday, March 22 ...
Read MoreTop 7 Cloud Security Best Practices For 2022
Cloud won’t solve all problems, but it does significantly reduce the scope of what those problems are — and makes some of the remaining ones much bigger. For organizations...
Read More