Microsoft Exchange Server Remote Code Execution (RCE) VulnerabilityOn Tuesday, March 2nd, Microsoft released an out-of-band security update to mitigate four zero-day vulnerabilities that were observed being exploited in the wild against Microsoft Exchange Servers. A server-side request forgery (SSRF) being tracked as CVE-2021-26855 is the likely initial access for attackers. Exploitation of this...

Brazil is Latin America’s largest technology hub and has the eighth-largest economy by GDP. Getting to know the ins and outs of LGPD is essential for doing business there.

For comprehensive network mapping and monitoring, IT pros trust Intermapper. Learn the 4 ways Intermapper stands out from other solutions and download a free trial to see for yourself.

We are disclosing a vulnerability identified in NETSHIELD Corporation Nano 25. The engineers at NETSHIELD Corporation were prompt in their response when notified of the flaw and have provided a patch for the cyber security issue.NETSHIELD Corporation has released a patch for the affected Nano 25 version 10.2.18.Fortra VM will not include an explicit check for this vulnerability due to the...

Microsoft Defender Zero-Day Remote Code Execution (RCE) VulnerabilityOn Tuesday, January 12th, Microsoft released a patch for an RCE vulnerability present within their antivirus solutions, Windows Defender, System Center Endpoint Protection, and Security Essentials. his vulnerability is being tracked as CVE-2021-1647. Although an exploit has not been publicly released, this vulnerability is...

Win at Remediation with Quality over Quantity VM plan Managing Vulnerabilities Effectively Requires a Quality Over Quantity MindsetBusiness networks will always play host to a number of vulnerabilities. Factor in the current proliferation of endpoints and growing network complexity and you have a list of vulnerabilities that is growing exponentially. The number of reported vulnerabilities has...

Vulnerability management and threat assessment solutions provide the first line of defense in protecting assets across an organization, yet today’s widely deployed solutions are outdated in terms of providing an accurate real-time assessment of today’s complex hybrid-cloud environments. In addition, the majority of legacy solutions fail to prioritize the remediation of risky assets or even assets...

Zyxel Hardcoded Backdoor Account VulnerabilityOn December 23rd, 2020, the Dutch security firm Eye disclosed a hardcoded backdoor account within the firmware 4.60 on Zyxel Firewalls and AP Controllers. The credentials for this account cannot be changed or altered unless the firmware is patched. These hardcoded credentials provide access to both SSH and web admin interfaces, where additional...

Businesses of all sizes have some form of data that a threat actor could exploit. It is even possible for a cyber-criminal to invade a company's available network with the sole purpose of causing web security testing issues. Whether it involves patient medical histories, credit card data, available consumer transaction histories, or trade secrets, if a company uses technology to transmit or store...

As a merchant, you are likely familiar with the strict Payment Card Industry Data Security Standard (PCI DSS) requirements set by the PCI Security Standards Council (SSC). Failure to adhere to PCI compliance standards creates vulnerabilities within your business’s network that could result in a loss of sensitive credit cardholder data from consumers and malicious intrusion into your business...

Do you own a business that stores, processes, or transmits sensitive data such as credit card information online? If so, you must comply with the Payment Card Industry Data Security Standards (PCI DSS), a set of 12 main regulations to protect customer data. The PCI Security Standards Council compiled the PCI DSS. The council’s members consist of major card companies, including MasterCard, Visa,...

Advisory Solarwinds Orion Vulnerabilities Security Advisory: SolarWinds OrionAs you have likely seen in news reports over the last weeks, a series of significant security incidents occurred in earlier this month related to malicious cyber actors exploiting VMware® Access and VMware Identity Manager products and a security breach at FireEye uncovering injected malware within SolarWinds network...

Businesses are becoming increasingly vulnerable to digital threats and cyber attacks. While you might be aware of the need for security services, developing your in-house solution is often costly, time-consuming, and potentially ineffective against evolving threats.One solution is Security as a Service (SECaaS), which follows the software as a service model. In this type of security management, an...

SolarWinds Orion Supply Chain (SUNBURST) Backdoor VulnerabilitySolarWinds Orion Supply Chain (SUNBURST) BackdoorOn December 13th, the security firm FireEye released the details of a sophisticated manual supply chain attack that affects SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 (with no hotfix installed) or 2020.2 HF 1. The threat actors involved were able to incorporate a malicious ...

These days, data breaches within organizations occur so often that they are an expected inevitability. Threat actors are always seeking ways to infiltrate a system to exploit it for personal gain, whether to release sensitive information like trade secrets or slow a company down to a crawl by taking over its network. A business's IT department and security team can prevent this issue with an...

These days, it seems like most businesses are dealing with a cybersecurity attack that leaks sensitive information to the public and wreaks havoc on their day-to-day operations. Vulnerability scans are a way to identify areas of weakness within an online security network, but they are not enough. Scanning for web application vulnerabilities in conjunction with penetration testing is a more...

Learn how data center monitoring tools help ensure maximum uptime for data centers, whether on-prem, at a co lo, or operating as a hybrid data center.

Importance of Cyber Threat ManagementWith the ever increasing number of threats and complex network and system attacks, organizations are constantly struggling to keep up with mitigation and prevention solutions. According to an article from IBM on the Cost of a Data Breach, businesses and other organizations can save an average of $1.2 million when breaches are detected sooner. Detecting cyber...

D-Link VPN Router VulnerabilitiesDigital Defense, Inc. is disclosing vulnerabilities identified in D-Link VPN routers discovered by our Vulnerability Research Team (VRT). The engineers at D-Link were prompt in their response when notified of the flaws and have provided hot fixes for these cyber security issues.D-Link has made a patch in the form of a hotfix for the affected firmware versions and...

Let's face it. Today's businesses can't function without IT infrastructure. Computers, laptops, phones, and other IT devices are essential for storing and sharing important files and data.With such an essential function, businesses, both big and small, need a professional IT team to maintain and improve their network security. If you think your company is too small for criminals to notice, think...