Threat Hunt of the Month: CVE-2024-37085 Vulnerability in VMware ESXi Hypervisors – Privilege Escalation and Ransomware Risks
In September 2024, GoSecure Threat Hunters selected a critical vulnerability, CVE-2024-37085, affecting VMware ESXi hypervisors. This vulnerability, which allows for privilege escalation, could give attackers administrative access to ESXi hosts. Such access could lead to ransomware deployment, data theft, and control over key assets within virtual environments.
Understanding the Microsoft Outage BSOD Incident: Navigating Security Challenges with GoSecure
Today, reports detailing a Blue Screen of Death (BSOD) issue impacting Microsoft systems with CrowdStrike’s Falcon sensor installed has had worldwide implications and outages. The BSOD issue arose following an update to the CrowdStrike Falcon sensor. This malfunction caused affected systems to crash, presenting a blue screen error, a situation that can disrupt business operations and compromise security by leaving systems unprotected.
North Korean Actors Exploit Weak DMARC – Security Policies to Mask Spearphishing Efforts
A recent FBI advisory unveils a chilling narrative: North Korean state actors, exploited weak DMARC security policies to mask their spearphishing campaigns. Such revelations underscore the critical need for robust defense mechanisms. GoSecure Titan® Email Security, which bundles GoSecure Titan® Secure Email Gateway (SEG) and GoSecure Titan® Incident Detection and Response (IDR) is not merely a tool; it’s a bastion of digital safety, meticulously designed to counteract these tactics. As the machinations of these actors unfold, our solutions stand ready, turning potential vulnerabilities into fortified defenses.
Combating Advanced Cyber Threats: GoSecure’s Proactive Defense Against the Ivanti Connect Secure VPN Breach
Ivanti Connect Secure VPN faced a significant security breach involving two critical vulnerabilities – CVE-2023-46805 and CVE-2024-21887. These vulnerabilities allowed attackers to bypass authentication and execute arbitrary commands remotely. The attackers were able to steal sensitive data, modify files, and set up web shells for persistent network access.
Enhancing Cyber Risk Dialogue: Lessons from SEC’s Recent Action
As a reaction to a number of major corporate and accounting scandals (namely Enron and WorldCom), twenty years ago the Sarbanes-Oxley Act (SOX) was enacted. The law is almost certainly present in the day-to-day professional lives of every public company CFO and CEO.
