Blog
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs
Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). […] The ...
Insider Risk Digest: Week 41-42
This Article Insider Risk Digest: Week 41-42 was first published on Signpost Six. | https://www.signpostsix.com/ Fourth Edition: Insider Highlights Every two weeks, we bring you a round-up of cases and stories that ...
What John Chambers Never Told You About Cisco Security
Get an insider's perspective on Cisco Security acquisitions since John Chambers' departure, and learn about the challenges often faced during an acquisition. The post What John Chambers Never Told You About Cisco ...
Cisco IOS XE Web UI Vulnerability: A Glimpse into CVE-2023-20198
Overview On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote […] The ...
Cisco IOS XE Zero-Day: Network Supply Chain Vulnerabilities Underscore Lack of Threat Detection
40,000 devices compromised and counting: That’s what we’re facing with the zero-day vulnerability in Cisco’s IOS XE software used in its routers, switches, and access points, both physical and virtual. This is ...
Threat Spotlight: Initial Access Brokers on Russian Hacking Forums
Russian Hacking Forum Trends Initial access brokers (IAB) are sophisticated, focused, and specialized threat actors that focus on finding and gaining access to corporate environments. Once they compromise these environments, they auction ...
Microsoft’s Vulnerability: How the Storm-0558 APT Penetrated the Tech Giant
Advanced Persistent Threats (APTs) are insidious cyberattacks that pose severe threats to organizations. What makes APTs uniquely dangerous is their stealthy nature; attackers gain unauthorized access to an organization’s network and maintain ...
Understanding the Difference Between Penetration Testing and Vulnerability Scanning
Our clients often ask, “What is the difference between vulnerability scanning and penetration testing?” It’s a question that deserves attention, not only because of its frequency but also due to its critical ...
NSFOCUS AISecOps: Elevating Your Security Operations Efficacy and Mitigating Alert Fatigue
In the realm of security operations, enterprises often face challenges such as a high volume of alerts, an inability to pinpoint real threats, insufficient security knowledge, and a lack of operational staff ...
Cybersecurity Awareness Month: The Evolution of Ransomware
Tristan Morris | | Blog, Cybersecurity, cybersecurity awareness, Incident Response & Threat Intelligence
This Cybersecurity Awareness Month, join GuidePoint Security for A Voyage Beyond the Horizon, a speculative exploration of possible scenarios that […] ...