Continuing coverage on the Log4j High-Risk Vulnerability. Here are the latest updates from the CBI Security Alert Team.

Continuing coverage on the Log4j High-Risk Vulnerability. Here are the latest updates from the CBI Security Alert Team.

Currently running on 3 billion devices worldwide, Log4j has been exposed to a high-risk vulnerability underactive and vigorous exploitation.

Russia-linked cybercriminal gang REvil has exploited Kaseya’s cloud-based IT management and remote monitoring software to hit managed service providers (MSPs) and their customers in the biggest ransomware attack on record.

SAP and Onapsis security researchers have released a threat intelligence report detailing the active exploitation of critical SAP application vulnerabilities. Multiple “advanced threat actors” are carrying out a range of attacks with techniques that could lead to full control of unsecured applications.

Microsoft has announced multiple zero-day Microsoft Exchange vulnerabilities are being exploited by Chinese hacking group Hafnium.

Another major hospital network, experienced a significant ransomware attack that led to the shutdown of several US computing systems.

The 'SigRed' vulnerability allows remote attackers to gain domain administrator privileges by sending malicious queries to Windows DNS servers, opening the door for attackers to execute remote code, intercept traffic and steal credentials. 

In this CBI Security Alert, Senior Penetration Tester Aaron Pohl goes in-depth about Ripple20, a set of critical software vulnerabilities that could potentially affect hundreds of millions of devices in the coming years.

In this CBI Security Alert, VP of Systems Engineering Dan Gregory provides his perspective on the EKANS ransomware threat that has been targeting industrial control system environments.

Microsoft Internet Explorer has a Zero Day exploit that is already being taken advantage of – CBI's Troy Jessee provides details and remediation info in this CBI Security Alert.

The latest CBI Insights article give you everything you need to know about the Capital One data breach, what it means to you and next steps to protect your organization.

CBI provides an overview of BEC scams, a threat where employees receive realistic but falsified email requests.

Today’s Security Alert highlights the new Microsoft patch that protects older versions of Windows from “wormable” malware attacks.

Unidentified group of hackers breached the City of Baltimore’s IT infrastructure in a cyberattack using ransomware known as, “RobbinHood.”

In this CBI Insights blog post, we review evolving data threats like RAMBleeds and how to get ahead of them.