Resource Center


Press Releases

1 min read

CyRisk Announces Its Participation in Munich Re Specialty Insurance’s Reflex Cyber Risk Management Program for Policyholders

CyRisk Inc.—a leading cyber risk management and data analytics company dedicated to delivering best in class...

 

Education

Blog Posts. 

5 min read

Understanding Privacy Risk Exposures: Tools for Underwriting This Emerging Risk

The increasing concern over privacy risk exposure is well justified, as privacy-related class action settlements...

5 min read

10 Cyber Insurtech Companies Driving Innovation for the Industry

According to the latest data, the cyber insurance market is expected to grow from US$14.18 billion in 2023 to $32.52...

3 min read

The Invisible Threat: Hidden Economics of Zero Day Markets and What Cyber Insurers Should Know

Of the roughly 35 million business entities in the United States today, all but a small fraction are seriously...

5 min read

Privacy Risk Exposures - Pixels, Session Replay, and Tracking Tools: A New Wave Of Privacy Risks Cyber Insurers Can’t Ignore

Inflation may be bad these days, but the cost of improper use of web-based advertising and marketing technology (adtech...

 

Mitigation

Trending. 

1 min read

Mitigation Instructions for CVE-2014-4078

SUBJECT: CVE-2014-4078 Internet Explorer Memory Corruption Vulnerability

TECH STACK: Microsoft Internet Explorer v. 6,...

1 min read

Mitigation Instructions for CVE-2020-15778

SUBJECT: CVE-2020-15778 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

TECH...

2 min read

Mitigation Instructions for CVE-2021-34523

SUBJECT: CVE-2021-34523 Microsoft Exchange Server Privilege Escalation Vulnerability

TECH STACK: Microsoft Exchange...

2 min read

Mitigation Instructions for CVE-2010-3972

SUBJECT: CVE-2010-3972 Heap-based buffer overflow

TECH STACK: Microsoft FTP Service 7.0 and 7.5

DATE(S) ISSUED:...

2 min read

Mitigation Instructions for CVE-2015-1635

SUBJECT: Microsoft Windows HTTP.sys Code Execution Vulnerability

TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2

...

2 min read

Mitigation Instructions for CVE-2020-36193

SUBJECT: CVE-2020-36193 PEAR Archive_Tar Improper Link Resolution Vulnerability

TECH STACK: Archive_Tar library prior...

2 min read

Mitigation Instructions for CVE-2021-31207

SUBJECT: CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability

TECH STACK: Microsoft Exchange...

2 min read

Mitigation Instructions for CVE-2022-0028

SUBJECT: CVE-2022-0028 Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability 

TECH STACK: ...

3 min read

Mitigation Instructions for CVE-2021-40438

SUBJECT: CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF)

TECH STACK: Apache HTTP Server versions 2.4.1 to...

2 min read

Mitigation Instructions for CVE-2021-39226

SUBJECT: CVE-2021-39226 Grafana Authentication Bypass Vulnerability

TECH STACK: Grafana versions 7.2.0 to 7.5.5

...

3 min read

Mitigation Instructions for CVE-2012-1823

SUBJECT: CVE-2012-1823 PHP-CGI Query String Parameter Vulnerability

TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2

1 min read

Mitigation Instructions for CVE-2019-0211

SUBJECT: CVE-2019-0211 Apache HTTP Server scoreboard RCE Vulnerability

TECH STACK: Apache HTTP Server v. 2.4.17 to...

2 min read

Mitigation Instructions for CVE-2010-2730

SUBJECT: CVE-2010-2730 Buffer overflow in (IIS) 7.5

TECH STACK: Microsoft Internet Information Services (IIS) 7.5,...

3 min read

Mitigation Instructions for CVE-2021-26855

SUBJECT: CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability

TECH STACK: Microsoft Exchange...

5 min read

Mitigation Instructions for CVE-2021-42013

SUBJECT: CVE-2021-42013 Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal

TECH STACK: Apache HTTP Server 2.4.50.

...

1 min read

Mitigation Instructions for CVE-2019-11043

SUBJECT: CVE-2019-11043 PHP Buffer Overflow Remote Code Execution Vulnerability

TECH STACK: PHP FPM v.7.3.10 and below

...

2 min read

Mitigation Instructions for CVE-2014-0160

SUBJECT: CVE-2014-0160 OpenSSL Information Disclosure Vulnerability

TECH STACK: OpenSSL versions 1.0.1 through 1.0.1f

...

1 min read

Mitigation Instructions for CVE-2021-26857

SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability

TECH STACK: MICROSOFT EXCHANGE SERVER

DATE(S)...

1 min read

Mitigation Instructions for PureFTPD

Securing PureFTPD is essential to safeguard data integrity and prevent unauthorized access to your system. Here's a...

1 min read

Mitigation Instructions for ProFTPD mod_sftp

Securing ProFTPD with mod_sftp involves several steps to ensure data integrity and prevent unauthorized access:

  1. ...

1 min read

Mitigation Instructions for CVE-2020-25696

SUBJECT: CVE-2020-25696

TECH STACK: PostgreSQL

  • Versions before 13.1
  • Versions before 12.5
  • Versions before 11.10
  • ...

1 min read

Mitigation Instructions for CVE-2021-26858

SUBJECT: CVE-2021-26858 Microsoft Exchange Server Security Feature Bypass Vulnerability

TECH STACK: Microsoft Exchange...

1 min read

Mitigation Instructions for CVE-2021-34473

SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability

TECH STACK: MICROSOFT EXCHANGE SERVER

DATE(S)...

2 min read

Mitigation Instructions for CVE-2020-28949

SUBJECT: CVE-2020-28949 PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

TECH STACK: PEAR Archive_Tar...

1 min read

Mitigation Instructions for CVE-2022-31813

SUBJECT: CVE-2022-31813 IP based authentication bypass

TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55

...

1 min read

Mitigation Instructions for CVE-2023-25690

SUBJECT: CVE-2023-25690 HTTP Request Smuggling attack

TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55

...

1 min read

Mitigation Instructions for CVE-2021-27065

SUBJECT: CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)

TECH STACK: ...

1 min read

Mitigation Instructions for Apple Remote Desktop VNC

To safeguard Apple Remote Desktop (ARD) VNC (Virtual Network Computing), a tool that enables remote access and...

1 min read

Mitigation Instructions for OpenSSH

To safeguard OpenSSH, which is a widely used tool for secure remote access to servers, follow these general remediation...

2 min read

Mitigation Instructions for CVE-2019-1579

SUBJECT: CVE-2019-1579 Remote Code Execution in PAN-OS GlobalProtect Interface

TECH STACK: PAN-OS_GlobalProtect...

2 min read

Mitigation Instructions for CVE-2021-44832 (log4shell)

SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-44832

CRITICALITY: Extremely Critical.

OVERVIEW:...

2 min read

Mitigation Instructions for CVE-2020-13671

SUBJECT: CVE-2020-13671 Drupal core Un-restricted Upload of File

TECH STACK: Cisco IOS and IOS XE software versions...

1 min read

Mitigation Instructions for Remote Desktop Protocol (RDP)

General Remediation Steps to Safeguard Remote Desktop Protocol (RDP):

  1. Enable Network Level Authentication (NLA):...

1 min read

Mitigation Instructions for CVE-2019-10211

SUBJECT: CVE-2019-10211 Improper Control of Generation of Code ('Code Injection')

TECH STACK: Postgresql Windows...

5 min read

Mitigation Instructions for CVE-2021-41773

SUBJECT: CVE-2021-41773 Apache HTTP Server Path Traversal Vulnerability

TECH STACK: Apache HTTP Server versions 2.4.1...

1 min read

Mitigation Instructions for CVE-2018-7600

SUBJECT: Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002 

TECH STACK: DRUPAL 7.X AND 8.X...

2 min read

Mitigation Instructions for CVE-2021-45105

SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-45105

TECH STACK: APACHE LOG4J2 2.0-ALPHA THROUGH...

2 min read

Mitigation Instructions for CVE-2020-2021

SUBJECT: CVE-2020-2021: Improper Verification of Signatures in PAN-OS SAML Authentication

TECH STACK: PAN-OS_SAML...

1 min read

Mitigation Instructions for CVE-2019-10164

SUBJECT: CVE-2019-10164 Stack-based buffer overflow via setting a password

TECH STACK: PostgreSQL versions 10.x before...

1 min read

Mitigation Instructions for CVE-2018-7602

SUBJECT: CVE-2018-7602 Drupal Core Remote Code Execution Vulnerability

TECH STACK: Drupal 7.x and 8.x

DATE(S) ISSUED:...

 
