1 min read
CyRisk Announces Its Participation in Munich Re Specialty Insurance’s Reflex Cyber Risk Management Program for Policyholders
CyRisk Inc.—a leading cyber risk management and data analytics company dedicated to delivering best in class...
Resource Center
Press Releases
5 min read
Understanding Privacy Risk Exposures: Tools for Underwriting This Emerging Risk
Sep 12, 2023 by Kevin Lackey
The increasing concern over privacy risk exposure is well justified, as privacy-related class action settlements...
5 min read
10 Cyber Insurtech Companies Driving Innovation for the Industry
Aug 24, 2023 by Kim Manibusan
According to the latest data, the cyber insurance market is expected to grow from US$14.18 billion in 2023 to $32.52...
3 min read
The Invisible Threat: Hidden Economics of Zero Day Markets and What Cyber Insurers Should Know
May 12, 2023 by CyRisk Vulnerability Management Team
Of the roughly 35 million business entities in the United States today, all but a small fraction are seriously...
5 min read
Privacy Risk Exposures - Pixels, Session Replay, and Tracking Tools: A New Wave Of Privacy Risks Cyber Insurers Can’t Ignore
Apr 5, 2023 by CyRisk Vulnerability Management Team
Inflation may be bad these days, but the cost of improper use of web-based advertising and marketing technology (adtech...
Mitigation
Trending.
1 min read
Mitigation Instructions for CVE-2014-4078
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-4078 Internet Explorer Memory Corruption Vulnerability
TECH STACK: Microsoft Internet Explorer v. 6,...
1 min read
Mitigation Instructions for CVE-2020-15778
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-15778 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
TECH...
2 min read
Mitigation Instructions for CVE-2021-34523
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-34523 Microsoft Exchange Server Privilege Escalation Vulnerability
TECH STACK: Microsoft Exchange...
2 min read
Mitigation Instructions for CVE-2010-3972
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-3972 Heap-based buffer overflow
TECH STACK: Microsoft FTP Service 7.0 and 7.5
DATE(S) ISSUED:...
2 min read
Mitigation Instructions for CVE-2015-1635
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Windows HTTP.sys Code Execution Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
...
2 min read
Mitigation Instructions for CVE-2020-36193
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-36193 PEAR Archive_Tar Improper Link Resolution Vulnerability
TECH STACK: Archive_Tar library prior...
2 min read
Mitigation Instructions for CVE-2021-31207
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
2 min read
Mitigation Instructions for CVE-2022-0028
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2022-0028 Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
TECH STACK: ...
3 min read
Mitigation Instructions for CVE-2021-40438
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF)
TECH STACK: Apache HTTP Server versions 2.4.1 to...
2 min read
Mitigation Instructions for CVE-2021-39226
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-39226 Grafana Authentication Bypass Vulnerability
TECH STACK: Grafana versions 7.2.0 to 7.5.5
...
3 min read
Mitigation Instructions for CVE-2012-1823
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2012-1823 PHP-CGI Query String Parameter Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
1 min read
Mitigation Instructions for CVE-2019-0211
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-0211 Apache HTTP Server scoreboard RCE Vulnerability
TECH STACK:Apache HTTP Server v. 2.4.17 to...
2 min read
Mitigation Instructions for CVE-2010-2730
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-2730 Buffer overflow in (IIS) 7.5
TECH STACK: Microsoft Internet Information Services (IIS) 7.5,...
3 min read
Mitigation Instructions for CVE-2021-26855
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: Microsoft Exchange...
5 min read
Mitigation Instructions for CVE-2021-42013
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-42013 Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal
TECH STACK: Apache HTTP Server 2.4.50.
...
1 min read
Mitigation Instructions for CVE-2019-11043
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-11043 PHP Buffer Overflow Remote Code Execution Vulnerability
TECH STACK: PHP FPM v.7.3.10 and below
...
2 min read
Mitigation Instructions for CVE-2014-0160
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-0160 OpenSSL Information Disclosure Vulnerability
TECH STACK:OpenSSL versions 1.0.1 through 1.0.1f
...
1 min read
Mitigation Instructions for CVE-2021-26857
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK:MICROSOFT EXCHANGE SERVER
DATE(S)...
1 min read
Mitigation Instructions for PureFTPD
Aug 23, 2023 by CyRisk Vulnerability Management Team
Securing PureFTPD is essential to safeguard data integrity and prevent unauthorized access to your system. Here's a...
1 min read
Mitigation Instructions for ProFTPD mod_sftp
Aug 11, 2023 by CyRisk Vulnerability Management Team
Securing ProFTPD with mod_sftp involves several steps to ensure data integrity and prevent unauthorized access:
...
1 min read
Mitigation Instructions for CVE-2020-25696
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-25696
TECH STACK: PostgreSQL
- Versions before 13.1
- Versions before 12.5
- Versions before 11.10
- ...
1 min read
Mitigation Instructions for CVE-2021-26858
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26858 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
1 min read
Mitigation Instructions for CVE-2021-34473
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: MICROSOFT EXCHANGE SERVER
DATE(S)...
2 min read
Mitigation Instructions for CVE-2020-28949
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-28949 PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
TECH STACK: PEAR Archive_Tar...
1 min read
Mitigation Instructions for CVE-2022-31813
Jun 13, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2022-31813 IP based authentication bypass
TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55
...
1 min read
Mitigation Instructions for CVE-2023-25690
Jun 13, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2023-25690 HTTP Request Smuggling attack
TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55
...
1 min read
Mitigation Instructions for CVE-2021-27065
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)
TECH STACK: ...
1 min read
Mitigation Instructions for Apple Remote Desktop VNC
Aug 11, 2023 by CyRisk Vulnerability Management Team
To safeguard Apple Remote Desktop (ARD) VNC (Virtual Network Computing), a tool that enables remote access and...
1 min read
Mitigation Instructions for OpenSSH
Aug 11, 2023 by CyRisk Vulnerability Management Team
To safeguard OpenSSH, which is a widely used tool for secure remote access to servers, follow these general remediation...
2 min read
Mitigation Instructions for CVE-2019-1579
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-1579 Remote Code Execution in PAN-OS GlobalProtect Interface
TECH STACK: PAN-OS_GlobalProtect...
2 min read
Mitigation Instructions for CVE-2021-44832 (log4shell)
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-44832
CRITICALITY: Extremely Critical.
OVERVIEW:...
2 min read
Mitigation Instructions for CVE-2020-13671
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-13671 Drupal core Un-restricted Upload of File
TECH STACK: Cisco IOS and IOS XE software versions...
1 min read
Mitigation Instructions for Remote Desktop Protocol (RDP)
Aug 11, 2023 by CyRisk Vulnerability Management Team
General Remediation Steps to Safeguard Remote Desktop Protocol (RDP):
Enable Network Level Authentication (NLA):...
1 min read
Mitigation Instructions for CVE-2019-10211
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10211 Improper Control of Generation of Code ('Code Injection')
TECH STACK: Postgresql Windows...
5 min read
Mitigation Instructions for CVE-2021-41773
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-41773 Apache HTTP Server Path Traversal Vulnerability
TECH STACK: Apache HTTP Server versions 2.4.1...
1 min read
Mitigation Instructions for CVE-2018-7600
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002
TECH STACK:DRUPAL 7.X AND 8.X...
2 min read
Mitigation Instructions for CVE-2021-45105
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-45105
TECH STACK: APACHE LOG4J2 2.0-ALPHA THROUGH...
2 min read
Mitigation Instructions for CVE-2020-2021
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-2021: Improper Verification of Signatures in PAN-OS SAML Authentication
TECH STACK: PAN-OS_SAML...
1 min read
Mitigation Instructions for CVE-2019-10164
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10164 Stack-based buffer overflow via setting a password
TECH STACK: PostgreSQL versions 10.x before...
1 min read
Mitigation Instructions for CVE-2018-7602
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2018-7602 Drupal Core Remote Code Execution Vulnerability
TECH STACK: Drupal 7.x and 8.x
DATE(S) ISSUED:...
Stay in the know
Subscribe to receive updates as they become available.