Staying Ahead of CVE-2022-30190 (Follina) 

Executive Summary: On May 27th, 2022, @nao_sec identified a malicious Microsoft Word document using an “ms-msdt” protocol scheme for arbitrary code execution. As the industry continues to identify novel ways to abuse this ability over the weekend, Microsoft assigned it CVE-2022-30190. Similar to what we observed with Log4j, the methods of execution and outcomes …


OpenSSL 3 Critical Vulnerability | What Do Organizations Need To Do Now?

Last week, the OpenSSL project team announced the release of OpenSSL version 3.0.7, which was made available on Tuesday, November 1st. The update is a security fix for two vulnerabilities in OpenSSL 3.0.x, and developers and organizations are being urged to ensure that they patch any instances of OpenSSL 3 in their software stack as …


SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack

By Juan Andres Guerrero-Saade, Asaf Gilboa, David Acs, James Haughom, Phil Stokes & SentinelLabs

Executive Summary: As of Mar 22, 2023, SentinelOne began to see a spike in behavioral detections of the 3CXDesktopApp, a popular voice and video conferencing software product categorized as a Private Automatic Branch Exchange (PABX) platform. Behavioral detections prevented these trojanized …
