Security Blog

Unraveling CVE-2023-2868: Understanding the Risks and Staying Secure

Robotic fish

Credit: Bing Image Creator

Barracuda, a cybersecurity firm, has recently disclosed a critical vulnerability in their Email Security Gateway (ESG) appliances that has been actively exploited by threat actors in the wild since at least October 2022. This vulnerability, known as a remote command injection flaw, specifically targets a subset of devices running versions 5.1.3.001-9.2.0.006. The firm has identified that the vulnerability resides within a module responsible for conducting initial scans on attachments within incoming emails. Whilst initially addressable via a patch, the vendor is now urging its customers to replace the hardware appliances as they are unfixable.

read more

The Level of Human Engagement Behind Automated Attacks

Even automated attacks are driven by humans, but the level of engagement we observed may surprise you! When the human or an organization behind an automated attack shows higher levels of innovation and sophistication in their attack tactics, the danger increases dramatically as they are no longer simply employing an opportunistic “spray and pray” strategy, but rather more highly evolved strategies that are closer to a so-called targeted attack.

read more

The value of assessments in building cyber resiliency and maturity

Cybersecurity AssessmentCyber Resiliency is the ability to anticipate, protect against, withstand, and recover from adverse conditions, stresses, attacks, and compromises of cyber-enabled business.

If one of your 2023 security goals is to become more cyber resilient, it’s time to consider a cybersecurity assessment if you’re not already conducting one. Regardless of your goals or priorities, regular cybersecurity assessments should be on every organization’s radar because of the value they provide to security teams.

We spoke with Eric Rochette, Senior VP of GoSecure’s Global Services who has helped hundreds of organizations better understand their security risk and maturity through assessments and asked him to share his insights and experiences in a Q&A session.

read more

Categories

Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Managed Firewall
Managed SIEM
Vulnerability Management as a Service
GoSecure Titan
Titan Software
Secure Email Gateway
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Breach Readiness Services
Custom Cybersecurity Consulting Services
Cybersecurity Assessment
Incident Response Services
Red & Purple Team Services
Penetration Testing Services
Privacy & Compliance Services
Security Compromise Assessment
3rd Party Technology

Pin It on Pinterest