CVE-2023-22515: Critical Privilege Escalation Vulnerability in Confluence Data Center and Server

On October 4, 2023, Atlassian issued a security advisory revealing potential active exploitation of a previously unknown vulnerability (CVE-2023-22515, CVSS: 10) affecting Confluence Data Center and Server instances that are on-premises. This vulnerability can enable an unauthenticated, anonymous remote threat actor to escalate privileges by creating unauthorized Confluence administrator accounts and accessing Confluence instances across multiple versions of Confluence Data Center and Server.

Cyberattacks on Gaming Developers: Five Security Tips

Gaming companies collect data concerning user behavior for a variety of reasons: to inform investment and content decisions, enable game and advertisement personalization, and improve gameplay, to name a few. However, the data available provides a daunting task for those attempting to make use of it, as well as a ripe target for attackers. Effectively utilizing and protecting this data can be a challenge, especially as the volume of gaming data increases over time.

CVE-2023-20101: Critical Authentication Bypass Vulnerability in Cisco Emergency Responder

On October 4, 2023, Cisco published a security advisory disclosing a critical authentication bypass vulnerability (CVE-2023-20101, CVSS: 9.8) in Cisco Emergency Responder. CVE-2023-20101 allows an unauthenticated, remote threat actor to utilize the root account (this account by default has hard coded credentials that cannot be altered) to log into an affected device.

Microsoft's Anatomy of a modern attack surface: A breakdown

In today’s hyper-connected digital landscape, cyber security has grown increasingly complex. Organisations are shifting operations to the cloud, enabling remote work, and engaging with third-party ecosystems, expanding the potential attack surfaces. Threat actors are exploiting this complexity with high-volume, multi-faceted attacks.

Put Cloud in the Fast Lane: Why SD-WAN

If routing traffic on your network, managing cloud-based software-as-a-service (SaaS) applications, or general cloud connectivity is becoming more difficult for your IT team to manage, you may be ready for a software-defined wide area network (SD-WAN). SD-WAN is powerful networking tool that can help you centrally manage your traffic flow, independent of the underlying hardware on your network.

The 443 Podcast - Episode 264 - Microsoft is Killing NTLM

This week on the podcast, we cover the recent HTTP/2 protocol vulnerability that lead to the largest DDoS attack ever recorded by CloudFlare. After that, we discuss Microsoft's announcement about the deprecation of VBScript and the impending removal of NTLM. We then cover a collection of data allegedly stolen from the genealogy website 23 and Me before ending with a fun bit of research targeting private servers for the Grand Theft Auto Online video game.

Strengthening Cybersecurity: Force multiplication and security efficiency

In the ever-evolving landscape of cybersecurity, the battle between defenders and attackers has historically been marked by an asymmetrical relationship. Within the cybersecurity realm, asymmetry has characterized the relationship between those safeguarding digital assets and those seeking to exploit vulnerabilities.