1 min read
CyRisk Announces Its Participation in Munich Re Specialty Insurance’s Reflex Cyber Risk Management Program for Policyholders
CyRisk Inc.—a leading cyber risk management and data analytics company dedicated to delivering best in class...
Aug 16, 2023 by Kim Manibusan
CyRisk Inc.—a leading cyber risk management and data analytics company dedicated to delivering best in class...
Blog Posts.
Sep 12, 2023 by Kevin Lackey
The increasing concern over privacy risk exposure is well justified, as privacy-related class action settlements...
Aug 24, 2023 by Kim Manibusan
According to the latest data, the cyber insurance market is expected to grow from US$14.18 billion in 2023 to $32.52...
May 12, 2023 by CyRisk Vulnerability Management Team
Of the roughly 35 million business entities in the United States today, all but a small fraction are seriously...
Apr 5, 2023 by CyRisk Vulnerability Management Team
Inflation may be bad these days, but the cost of improper use of web-based advertising and marketing technology (adtech...
Trending.
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-4078 Internet Explorer Memory Corruption Vulnerability
TECH STACK: Microsoft Internet Explorer v. 6,...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-15778 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
TECH...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-34523 Microsoft Exchange Server Privilege Escalation Vulnerability
TECH STACK: Microsoft Exchange...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-3972 Heap-based buffer overflow
TECH STACK: Microsoft FTP Service 7.0 and 7.5
DATE(S) ISSUED:...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Windows HTTP.sys Code Execution Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-36193 PEAR Archive_Tar Improper Link Resolution Vulnerability
TECH STACK: Archive_Tar library prior...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2022-0028 Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
TECH STACK: ...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-40438 Apache HTTP Server-Side Request Forgery (SSRF)
TECH STACK: Apache HTTP Server versions 2.4.1 to...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-39226 Grafana Authentication Bypass Vulnerability
TECH STACK: Grafana versions 7.2.0 to 7.5.5
...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2012-1823 PHP-CGI Query String Parameter Vulnerability
TECH STACK: PHP before 5.3.12 and 5.4.x before 5.4.2
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-0211 Apache HTTP Server scoreboard RCE Vulnerability
TECH STACK:Apache HTTP Server v. 2.4.17 to...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2010-2730 Buffer overflow in (IIS) 7.5
TECH STACK: Microsoft Internet Information Services (IIS) 7.5,...
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-42013 Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal
TECH STACK: Apache HTTP Server 2.4.50.
...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2019-11043 PHP Buffer Overflow Remote Code Execution Vulnerability
TECH STACK: PHP FPM v.7.3.10 and below
...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2014-0160 OpenSSL Information Disclosure Vulnerability
TECH STACK:OpenSSL versions 1.0.1 through 1.0.1f
...
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK:MICROSOFT EXCHANGE SERVER
DATE(S)...
Aug 23, 2023 by CyRisk Vulnerability Management Team
Securing PureFTPD is essential to safeguard data integrity and prevent unauthorized access to your system. Here's a...
Aug 11, 2023 by CyRisk Vulnerability Management Team
Securing ProFTPD with mod_sftp involves several steps to ensure data integrity and prevent unauthorized access:
...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-25696
TECH STACK: PostgreSQL
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-26858 Microsoft Exchange Server Security Feature Bypass Vulnerability
TECH STACK: Microsoft Exchange...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Microsoft Exchange Server Remote Code Execution Vulnerability
TECH STACK: MICROSOFT EXCHANGE SERVER
DATE(S)...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-28949 PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
TECH STACK: PEAR Archive_Tar...
Jun 13, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2022-31813 IP based authentication bypass
TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55
...
Jun 13, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2023-25690 HTTP Request Smuggling attack
TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55
...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)
TECH STACK: ...
Aug 11, 2023 by CyRisk Vulnerability Management Team
To safeguard Apple Remote Desktop (ARD) VNC (Virtual Network Computing), a tool that enables remote access and...
Aug 11, 2023 by CyRisk Vulnerability Management Team
To safeguard OpenSSH, which is a widely used tool for secure remote access to servers, follow these general remediation...
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-1579 Remote Code Execution in PAN-OS GlobalProtect Interface
TECH STACK: PAN-OS_GlobalProtect...
Apr 11, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-44832
CRITICALITY: Extremely Critical.
OVERVIEW:...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2020-13671 Drupal core Un-restricted Upload of File
TECH STACK: Cisco IOS and IOS XE software versions...
Aug 11, 2023 by CyRisk Vulnerability Management Team
General Remediation Steps to Safeguard Remote Desktop Protocol (RDP):
Enable Network Level Authentication (NLA):...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10211 Improper Control of Generation of Code ('Code Injection')
TECH STACK: Postgresql Windows...
Mar 22, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2021-41773 Apache HTTP Server Path Traversal Vulnerability
TECH STACK: Apache HTTP Server versions 2.4.1...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002
TECH STACK:DRUPAL 7.X AND 8.X...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-45105
TECH STACK: APACHE LOG4J2 2.0-ALPHA THROUGH...
May 16, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2020-2021: Improper Verification of Signatures in PAN-OS SAML Authentication
TECH STACK: PAN-OS_SAML...
May 15, 2023 by CyRisk Vulnerability Management Team
SUBJECT:CVE-2019-10164 Stack-based buffer overflow via setting a password
TECH STACK: PostgreSQL versions 10.x before...
Mar 21, 2023 by CyRisk Vulnerability Management Team
SUBJECT: CVE-2018-7602 Drupal Core Remote Code Execution Vulnerability
TECH STACK: Drupal 7.x and 8.x
DATE(S) ISSUED:...
Subscribe to receive updates as they become available.