Free Access

Category: Cyber Risk Management

Peek into Monthly Vulnerabilities: August 2024

This image is about monthly vulnerabilities for August 2024.

Blog August 2024 Vulnerabilities August 2024 again saw an uptick in the number of vulnerability disclosures, with several commonly exploited Common Vulnerabilities and Exposures (CVEs) across several platforms. Risk levels may be high, particularly on an enterprise scale, but the number of exploits seen this month demonstrates that there are active attempts to prevent them. […]

Peek into Monthly Vulnerabilities: July 2024

This image is about monthly vulnerabilities for July 2024.

Blog Peek into Monthly Vulnerabilities July 2024 July 2024 is not a normal reporting month as 22,254 Common Vulnerabilities and Exposures (CVEs) were reported in the middle of it, but only %0.91 had been weaponized. There were 79,000 new vulnerabilities reported in the first six months of 2024, which isn’t the actual number, but even if it is, […]

CrowdStrike Update Halts the Systems: CyberSpace Ripple Effect

This image is about the CrowdStrike update affecting systems.

Blog CrowdStrike update 1.CrowdStrike Windows Outage: What Happened? A recent CrowdStrike update caused severe disruptions, including high CPU usage on macOS systems and the Blue Screen of Death (BSOD) on Windows systems. These issues affected hundreds of systems globally, leading to operational standstills in various sectors, including broadcasting, aviation, and transportation. 2. When Did the […]

Peek into Monthly Vulnerabilities: June 2024

This image is about monthly vulnerabilities for June 2024.

Blog Vulnerabilities June 2024 Peek into Monthly Vulnerabilities: June 2024 As more and more vulnerabilities and security flaws have surfaced throughout the rapidly changing cyber landscape, the need to keep an eye on our cybersecurity has become more keenly felt than ever before. The patching requirements of good cyber hygiene mandate that your chain is […]

Polyfill.io Supply Chain Attack: How Over 100,000 Websites Were Compromised and What You Need to Know

Learn how the Polyfill.io supply chain attack impacted over 100,000 websites and what steps you can take to secure your site.

Blog Polyfill.io supply chain attack Polyfill.io Supply Chain Attack: How Over 100,000 Websites Were Compromised and What You Need to Know The Polyfill.io Scandal: What Happened? A highly used open-source JavaScript library, Polyfill.io helps to enable older browsers to implement modern web functionalities. This highly trusted service has recently been compromised, leading to massive supply […]

Top 10 Tools for Effective Attack Surface Management

This image is about top 10 tools for effective attack surface management.

Blog Top 10 Tools for Effective Attack Surface Management Organizations are acting under duress. So much has changed in the digital sphere so quickly. The ever-increasing sophistication and interconnected complexity have provided attackers with a wider pool of targets to exploit, significantly raising the number of potential damage vectors compared to years gone by. Attack […]

What is External Attack Surface Management (EASM)?

This image is about External Attack Surface Management (EASM).

Blog External Attack Surface Management (EASM) is vital to modern cybersecurity strategies. EASM is gaining importance as organizations’ digital footprints expand and they are exposed to new vulnerabilities. In this content, crafted by the experts at ThreatMon, we will delve into External Attack Surface Management and its importance for businesses seeking to fortify their defenses […]

What is the OpenSSL Version Vulnerability?

This image is about the OpenSSL version vulnerability.

Blog Learn about the OpenSSL version vulnerability, a flaw in the popular encryption library that can expose sensitive data, emphasizing the importance of updates to mitigate security risks. On October 25, the OpenSSL team has announced that a security patch for a critical vulnerability in OpenSSL version 3.x was being prepared. In addition to that […]

SQL Injection Failure and Flaws Have Been Patched by Vmware

This image is about VMware patching SQL injection vulnerabilities.

Blog SQL Injection Failure SQL Injection Failure and Flaws That Allow Remote Attackers to Execute Code Remotely Have Been Patched by Vmware. The proof-of-concept exploit code is publicly available for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain administrative privileges. VMware has previously released updates to the vulnerability (CVE-2022-31656, […]

Google Has Released an Update for the New Chrome Zero-Day Vulnerability

This image is about Google's update for a new Chrome zero-day vulnerability.

Blog Chrome Zero-Day Vulnerability Google has released security updates for many vulnerabilities, including the zero-day vulnerability for the Chrome browser. These defects are known to be actively exploited in the wild. Defined as a case of insufficient validation of untrusted inputs in Intents, the flaw is tracked with code CVE-2022-2856 (CVSS: N/A). The firm refrained […]