Top 10 Tools for Effective Attack Surface Management
Organizations are acting under duress. So much has changed in the digital sphere so quickly. The ever-increasing sophistication and interconnected complexity have provided attackers with a wider pool of targets to exploit, significantly raising the number of potential damage vectors compared to years gone by. Attack Surface Management has gained traction as a critical […]
What is External Attack Surface Management (EASM)?
External Attack Surface Management (EASM) is vital to modern cybersecurity strategies. EASM is gaining importance as organizations’ digital footprints expand and they are exposed to new vulnerabilities. In this content, crafted by the experts at ThreatMon, we will delve into External Attack Surface Management and its importance for businesses seeking to fortify their defenses […]
What is the OpenSSL Version Vulnerability?
On October 25, the OpenSSL team announced that a security patch for a critical vulnerability in OpenSSL version 3.x was being prepared. The forthcoming patch will be released on Tuesday, November 1, 2022, between 1300 and 1700 UTC. This security announcement aroused curiosity in the community as it […]
SQL Injection Failure and Flaws That Allow Remote Attackers to Execute Code Remotely Have Been Patched by VMware
Proof-of-concept exploit code is publicly available for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain administrative privileges. VMware has previously released updates for the vulnerability (CVE-2022-31656, CVSS: N/A) affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation. A high severity SQL injection flaw (CVE-2022-31659, CVSS: N/A) […]
Google Has Released an Update for the New Chrome Zero-Day Vulnerability
Google has released security updates for many vulnerabilities, including the zero-day vulnerability for the Chrome browser. These defects are known to be actively exploited in the wild. Defined as a case of insufficient validation of untrusted inputs in Intents, the flaw is tracked with code CVE-2022-2856 (CVSS: N/A). The firm refrained from sharing additional […]
13 Organizations Targeted by Chinese-Linked APT41 and a New Wave of Cobalt Strike Infections
APT41, one of the state-sponsored ex-hacker groups, breached government networks in six US states in March 2022, including by exploiting a vulnerability in a livestock management system, according to Mandiant researchers. Cybersecurity firm Group-IB’s investigations resulted in nearly 80 proactive notifications of APT41 attacks against their infrastructure to private and government organizations worldwide. The […]
LastPass Password Manager with 25 Million Users Hacked
LastPass, one of the world’s largest password managers, has confirmed that it has been hacked. The company revealed that threat actors stole some of the company’s source code and some proprietary LastPass technical information. It was also stated that there is no evidence yet that this incident involved any access to customer data or […]
Chinese Threat Actors APT40 Targets Energy Sector in Australia and the South China Sea
The Chinese state-owned threat actor, APT40, targets Australian government agencies, Australian media companies and manufacturers that maintain wind turbine fleets in the South China Sea. Cybersecurity firm Proofpoint, which works in collaboration with PwC, said the threat actor sent phishing emails impersonating the latest campaigns, fake Australian Morning News and Australian media outlets. The […]
The Importance of Attack Surface Management for Organizations
Today, with the transition of organizations from traditional business processes to digital business processes, the likelihood of organizations facing the risk of cyber attacks on their digital assets is increasing. This situation brings with it the need for continuous management and monitoring of digital assets. Although […]
ChatGPT and Cyber Security in 15 Questions: Impacts, Benefits and Harms
What is ChatGPT? ChatGPT is an AI-driven chatbot launched by OpenAI in November 2022. ChatGPT is a variant of the GPT (Generative Pre-training Transformer) language model that has been fine-tuned for the task of conversational response generation. Like other GPT models, ChatGPT uses a transformer architecture to process and generate text. However, […]