top of page

Services
Professional services
Security Risk Assessment
Customized risk and compliance gap assessments with a tailored roadmap to address gaps and vulnerabilities.
Virtual CISO (vCISO)
Expert security leadership that assesses, addresses, and continually improves your security posture and compliance, all at a fraction of the cost of a full-time CISO.
Penetration Testing
Comprehensive penetration testing to uncover vulnerabilities and reinforce your defenses before attackers can exploit them.
Incident Response
Incident response plan development and testing, paired with rapid, expert action to contain security incidents, minimize damage, and maintain compliance with industry standards.
Managed Services
Third-Party Risk Management
Securely manage vendor relationships from start to finish.
Security Awareness Training
Empower your team to recognize threats.
Email Security
Protect your inbox from phishing and spam.
Vulnerability Management
Continuous scanning and alerts for swift risk remediation.
Managed Detection & Response (MDR)
Quickly detect, respond, and recover from advanced threats.
Password Management
Secure, manage, and simplify passwords.
Dark Web Monitoring
Monitor exposed data before it’s used against you.
Industry
Healthcare
Ensure patient trust with robust data protection and compliance.
Financial Services
Safeguard financial data while meeting compliance at every level.
K-12 Education
Enhance student safety and privacy while supporting educational goals.
Framework
HIPAA
SOC 2
Additional frameworks
Simplify security: How to build your security program with NIST CSF 2.0
Download the ebook
Resources
Resources
Blog
Stay updated with the latest trends and insights in cybersecurity. From industry news to expert analyses, our blog keeps you informed.
Podcast
Listen to expert discussions on pressing cybersecurity issues. Featuring interviews and practical advice, our podcast keeps you engaged and informed.
Security community
Stay updated with the latest security news and join the conversation. Connect with peers, share insights, and leave comments on the most recent updates.
Guides and reports
Access comprehensive guides and reports with actionable insights and strategies to improve your security stance.
Master HIPAA: How to achieve compliance with our ultimate guide
Download the guide
Company
Contact
Partners

Free Cybersecurity Review

To test this feature, visit your live site.

Security Bulletin

Updates on the latest exploits and vulnerabilities

Security Bulletin

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

What:

Attackers gained unauthorized access to management interfaces of FortiGate firewalls, creating super admin accounts, altering configurations, and setting up SSL VPN access.
Exploitation involved DCSync techniques for credential extraction and lateral movement.
Vulnerability affects FortiOS (versions 7.0.0–7.0.16, 7.2.0–7.2.12) and FortiProxy (versions 7.0.0–7.0.19, 7.2.0–7.2.12).
CVE-2024-55591 has a critical CVSS score of 9.6.

Impact:

Widespread, opportunistic targeting with no specific sector focus.
Attackers used crafted requests via Node.js websocket to gain super-admin privileges.
Victims' networks were compromised, enabling attackers to extract credentials, create accounts, and manipulate firewall policies.
Organizations with exposed firewall management interfaces are at significant risk.

Mitigation:

Upgrade to patched firmware:
- FortiOS 7.0.17 or above, 7.2.13 or above.
- FortiProxy 7.0.20 or above, 7.2.13 or above.
Restrict public access to firewall management interfaces and limit to trusted users.

Read the full article HERE

Like

Comments (0)

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

Who:

Vulnerability discovered in Google’s “Sign in with Google” OAuth authentication flow.
Truffle Security, led by co-founder and CEO Dylan Ayrey, identified the issue.

What:

Attackers can exploit domain ownership changes by purchasing domains of defunct startups.
Re-created email accounts on purchased domains can be used to access SaaS platforms previously tied to the accounts, such as OpenAI ChatGPT, Slack, Notion, Zoom, and HR systems.
Sensitive data at risk includes tax documents, pay stubs, Social Security numbers, and hiring records.

Impact:

Millions of users’ data could be compromised.
No current protections for downstream software providers against this flaw.
Google reopened the bug report (December 2024), awarded a bounty of $1,337, and labeled the issue as high impact.
Individuals remain vulnerable once off-boarded from startups, with no safeguards against domain ownership exploitation.

Read the full article HERE

Like

Comments (0)

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

Who:

Cleo: Developer of LexiCom, VLTransfer, and Harmony file transfer software, affected by critical vulnerabilities.
Huntress and Rapid7: Cybersecurity firms tracking and reporting exploitation activity.
Termite ransomware group: Suspected attackers exploiting a zero-day vulnerability, potentially linked to previous Cl0p operations.
Victim organizations: Include businesses in consumer products, logistics, shipping, and food supply sectors.

What:

Vulnerability (CVE-2024-50623): Allows unauthenticated remote code execution via unrestricted file uploads.
Exploit Activity: Attackers use autorun functionality to drop malicious files and execute commands. Exploitation observed since December 3, with a spike on December 8.
Ransomware Impact: Termite uses modified Babuk ransomware, encrypting files and adding a ".termite" extension.

Impact:

At least 10 businesses compromised, with critical sectors affected.
Exploitation widespread: Highlights risks of unmanaged internet exposure for file transfer tools.
Termite ransomware may signify an evolution of Cl0p or a new threat group operating with similar tactics.
Patch pending: Users must urgently apply mitigations and restrict software exposure until Cleo releases a fix.

Read the full article HERE

Like

Comments (0)

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

Who:

Entities Involved: ETH Zürich researchers, targeting AMD and Intel processors.

What:

Discovery: New research reveals that even the latest AMD and Intel processors remain vulnerable to Spectre-style speculative execution attacks, undermining existing mitigations (IBPB) on x86 chips.
New Vulnerabilities Identified:
- Intel: A microcode flaw allows bypassing IBPB on Intel’s Golden Cove and Raptor Cove architectures, causing cross-process Spectre leaks.
- AMD: Post-Barrier Inception (PB-Inception) enables privileged memory leakage in AMD Zen 1(+) and Zen 2 processors.

Impact:

Security Risks: This vulnerability compromises sensitive data protection across both Intel and AMD chips, enabling attackers to bypass process boundaries and potentially access privileged data.
Mitigations: Intel issued a microcode patch (CVE-2023-38575), and AMD has recommended kernel updates for affected systems.

Read the full article HERE

Like

Comments (0)

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

Who:

Entity Involved: U.S. Government (USG), including Federal Departments and Agencies, private sector, and individual researchers.

What:

New Guidance Issued: The USG introduced updated Traffic Light Protocol (TLP) guidance for categorizing and sharing sensitive cybersecurity intelligence across sectors.
Purpose: To enhance collaboration, trust, and clarity in threat intelligence sharing, ensuring controlled distribution of sensitive information.

Impact:

Increased Trust and Security: By standardizing how sensitive data is shared, the TLP framework strengthens partnerships within the cybersecurity community, fostering a collective approach to maintaining a secure cyberspace.

Read the full article HERE

Like

Comments (0)

bottom of page