Kaseya Labs:

Actionable Threat
Research & Analysis

The volume and velocity of today’s cyberthreats puts millions of businesses at risk of data theft and ransomware. Here, you get valuable and timely cyberthreat information, designed for easy consumption and quick action.

Categories

Education
News
Threats
Vulnerabilities
Threats
Vulnerabilities

Lockbit Still Alive and Well? ScreenConnect Vulns Under Active Exploitation

ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709), disclosed on 19 February 2024, has been under heavy attack in the last 24 hours. Kaseya security services have several cases open across multiple customers. Cloud versions of Screenconnect have already been updated. All customers running local, on-prem / self-hosted versions of Screenconnect are advised to update to version […]

Read more
Education

AnyDesk Confirms Compromise of Code Signing Certificates

On 2 Febuary 2024, AnyDesk Software GmbH, the maker of the popular remote desktop software by the same name, disclosed that their corporate network had been breached and source code had been accessed and code signing certificates had been compromised. This was following a 4 day outage in which their software was inaccessible. In their […]

Read more
Education

LogoFAIL – Widespread UEFI Firmware Vulnerabilities In MOST devices

Chris Gerritz

Posted on Dec 6

Today (6 December) at Blackhat Europe, Binarly presented the details of LogoFAIL, a set of firmware vulnerabilities found in hundreds of UEFI BIOS vendors and versions. These are widespread vulnerabilities impacting a massive range of computers, servers, and many other device types regardless of architecture (affects both x86 and ARM). These vulnerabilities allow an attacker […]

Read more
Vulnerabilities

CVE-2023-49103 – ownCloud Under Attack

ownCloud, a popular open-source file server facilitating secure storage, file-sharing, and collaboration, released information on several flaws that potentially exposed credential information. These are considered especially CRITICAL vulnerabilities if the ownCloud server is hosted in a containered enviroment (e.g. Docker). These vulnerabilities expose sensative information due to a default php page that was left open […]

Read more
Vulnerabilities

Critical Vulnerability: Cisco IOS Now Patch Available (CVE-2023-20198)

Chris Gerritz

Posted on Oct 24

Published: 24 October 2023 Last Updated: 24 October 2023 DEFCON-level vulnerabilities in Cisco IOS’s Web UI, which has resulted in tens of thousands of Cisco switches and routers hacked in the last month, has finally been patched (as of 23 Aug 2023). Cisco IOS is the operating system of Cisco devices and its’ web User […]

Read more
Vulnerabilities

Exploited Vulnerability: WinRAR (CVE-2023-38831)

Chris Gerritz

Posted on Oct 19

Published: 19 October 2023 Last Updated: 20 October 2023 A WinRAR vulnerability published this summer has continued to be a highly exploited vulnerability due to the fact that WinRaR does NOT have auto-update capabilities. As of 20 October 2023, our security monitoring data shows 80% of WinRAR installs are still running vulnerable versions and over […]

Read more
Education

When Small IT Teams Must Do Incident Response

Chris Gerritz

Posted on Oct 14

Ransomware. Malware. Cyber Attacks. Our online data and services are attacked constantly and despite our best efforts to stop them,…
Read more

Our complete, integrated, and cost-effective platform is trusted by over 500,000 IT Professionals globally to manage and secure more than 300 million devices.

© 2023 Kaseya. All rights reserved.