Antivirus is Dead...Long Live Antivirus

Ingalls has worked Incident Response for over 10 years; in that time we have seen some of the nastiest data breaches and a lot of victims who thought they were safe because they were using popular antivirus software. We’ve seen what works and

02 Sep 2021

Attackers Don't Break-in. They Log in.

Cybersecurity used to involve a fairly straightforward set of technical controls that kept networks secure and data backed up in the event of a system failure. To do this 10 years ago, IT needed to implement firewalls and antivirus and perform

11 Aug 2021

SolarWinds Serv-U RCE 0-Day Vulnerability (CVE-2021-35211)

Microsoft recently informed SolarWinds about a Remote Memory Escape vulnerability that can result in Remote Code Execution in the SolarWinds Serv-U Managed File Transfer Server and Serv-U Secured FTP products. Microsoft provided SolarWinds with a

13 Jul 2021

PrintNightmare Update (CVE-2021-34527)

Microsoft has completed the investigation and has released security updates to address this vulnerability. It is recommended that these updates be installed immediately. Note that the security updates released on and after July 6, 2021, contain

07 Jul 2021

PrintNightmare Vulnerability (CVE-2021-1675)

CVE-2021-1675 (aka PrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675 as a low-severity vulnerability on June 8. However, it has since been determined that the

01 Jul 2021

VMware vCenter Vulnerabilities

VMware refers to these two vulnerabilities collectively as VMSA-2021-0010.
  • CVE-2021-21985 - The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which

22 Jun 2021