D-Link VPN Router VulnerabilitiesDigital Defense, Inc. is disclosing vulnerabilities identified in D-Link VPN routers discovered by our Vulnerability Research Team (VRT). The engineers at D-Link were prompt in their response when notified of the flaws and have provided hot fixes for these cyber security issues.D-Link has made a patch in the form of a hotfix for the affected firmware versions and...

Let's face it. Today's businesses can't function without IT infrastructure. Computers, laptops, phones, and other IT devices are essential for storing and sharing important files and data.With such an essential function, businesses, both big and small, need a professional IT team to maintain and improve their network security. If you think your company is too small for criminals to notice, think...

Drupal Arbitrary PHP Code Execution VulnerabilityOn November 16th, 2020, several file manipulation vulnerabilities within the PEAR Archive_Tar library were disclosed, given CVE-2020-28948 and CVE-2020-28949. This PEAR library is used by Drupal, although these vulnerabilities impact any platform that utilizes PEAR in their code. If Drupal is configured to allow file uploads and the processing of...

Network vulnerabilities constantly evolve, resulting in the loss of valuable information and revenue from businesses. Though threat actors can find new weaknesses every day, some of their methods remain the same. Hackers have tried-and-true methods for infiltrating a seemingly secure network, and they employ various tricks, devices, and information to get the job done.Small businesses often do not...

It's not easy to keep up with threats to your tech systems, services, and applications. With new vulnerabilities appearing on a daily basis, you need a solution that regularly assesses your security operations. This is where managed vulnerability scanning comes into play.Fortra's managed vulnerability scanning service combines modern vulnerability assessment and scanning tools with experienced...

Hackers will take advantage of any weakness in your cybersecurity systems, especially the most vulnerable parts of your IT infrastructure -- web applications.By design, web applications are publicly accessible on the internet at all times, giving hackers near unlimited access to breach unprotected web servers without being on premises. Fortunately, you can prevent this with a reliable website...

Penetration testing and vulnerability scanning can be commonly confused as the same type of security testing service. However, issues arise when business owners purchase one type of security scan when they actually need another kind. It may help to understand the differences between the two main types of security testing: penetration testing and vulnerability scanning. Vulnerability scanning and...

cPanel & WHM VulnerabilityDigital Defense, Inc. is disclosing a vulnerability identified in cPanel & WHM discovered by our Vulnerability Research Team (VRT). The engineers at cPanel & WHM are to be commended for their prompt response to the identified flaw and their team’s work with VRT to provide prompt fixes for this cyber security issue.cPanel & WHM has provided a patch for the vulnerability...

Proactively monitoring your network is the best way to prevent costly network outages and unexpected downtime.

MSP Vulnerability ScannerOur MSP vulnerability scanner will deliver website scanning and network vulnerability assessment services to your customers using our easy to use MSP platform. Our focus: high accuracy, easy management, low cost and integration with your existing systems. With our SaaS platform, automation simplifies the scanning process with deployment that includes a range of servers,...

It takes a great deal of time and effort to build an effective cyber security infrastructure. With the threat of malicious attacks increasing every day, businesses and organizations must ensure that their systems are free of any risk or other vulnerabilities that could harm the company. Threat and vulnerability management programs involve honing in on security risks with vulnerability assessments...

Behind every successful organization, within any industry, is an IT system. Everyone in the workforce, from top to bottom, utilizes this system's assets on a daily basis. Think about it. Making quick internet searches, emailing potential clients, and storing data in the cloud, to give you an example, can't be done without an IT device. However, everything comes with a price. Organizations that...

ESXi OpenSLP Remote Code Execution (RCE) Vulnerability On October 20th, VMWare disclosed the presence of an RCE vulnerability with the OpenSLP within ESXi. Exposure of the vulnerability is through TCP port 427 and yields a CVSSv3 score of 9.8. The vulnerability is referenced by CVE-2020-3992 and was provided a patch by VMWare on the same day as disclosure. Products affected are ESXi, Workstation...

Most companies spend significant time and energy protecting sensitive data from hackers by investing in the latest firewalls, anti-virus software, and access control management solutions. However, all this effort is useless without considering the human factor.Social engineering is the most powerful tool in a hacker's arsenal and can help them gain access quickly, quietly, and easily into your...

A foundational component of any security program is ensuring that the organization has a clear understanding of where risk resides. One of the most effective ways to understand infrastructure weaknesses and test your defenses is with a penetration test (aka: ethical hacking) assessment.The growing number of malware and ransomware attacks is a key indicator of the severity of risk for organizations...

These days, companies are continually falling prey to attacks from thieves who get past their cyber security measures and steal consumer and financial data. They target system vulnerabilities to acquire the information they seek, which is usually cardholder data.Until 2004, there were no set regulations or standards for merchants and vendors to follow for preventing cardholder theft. Major credit...

Comparing and quantifying your cybersecurity posture against peer organizations in the financial sector provides valuable context for how your cybersecurity program performs relative to others in your industry. Digital Defense’s Insight peer comparison report in the Fortra Vulnerability Management platform vulnerability and threat management platform provides actionable and detailed intelligence...