Cybersecurity Threat Advisory: SQL injection vulnerability with 3CX
3CX advised customers that the SQL database integration has been disabled due to CVE-2023-49954. Businesses that use MongoDB or any of their web-based customer relationship management (CRM) integration templates are not affected. Read this Cybersecurity Threat Advisory to gain details of the vulnerability and recommendations to prevent exploitation. What is the threat? This vulnerability affects […]
Cyber Security Awareness – How Do I Know My Regulatory Requirements
In reality, while rules and requirements about how to handle data don’t automatically make your data safe, they’re necessary. What’s needed can vary depending on the type of work you do, where you are, and how your organization is set up. If your company has personal information about employees or customers, it probably has to […]
A phishing email pretends to be Paypal
We would like to share the recent phishing email we identified pretending to be an email from Paypal. The email is written in a way that make the reader think a fraudulent transaction has occurred in your Paypal account and it suggests the reader to contact the phone number to resolve this issue. Let’s have […]
Cybersecurity Threat Advisory: Google OAuth vulnerability
In this Cybersecurity Threat Advisory, we’re looking at a critical Google OAuth vulnerability that allows ex-employees to maintain access to applications such as Slack and Zoom. After off boarding, attackers can achieve access by creating non-Gmail accounts using corporate email aliases. This poses severe risks, including unauthorized access and potential data breaches. CSB recommends disabling […]
Let’s look at free tools that would improve your cyber awareness.
Have I been Pwned? Pwned means your account or system has been breached, and your passwords or privileged passwords have been compromised. I encourage you to go to https://haveibeenpwned.com/ to check whether your account or passwords have been breached. Barracuda email threat scanner Barracuda email threat scanner is one of the products of Barracuda Networks. […]
Is cyber insurance a good cyber security mitigation strategy?
There was 35% increase of Cyber incidents in 2020 alone with data breaches costing $4.24 million per year. Type of cyber incidents ranging from phishing, ransomware, remote workforces, stolen credentials and personal identity impersonations. Therefore, organizations must secure themselves against unknown and advancing threats while striking a balance between proactive and reactive measures. We acknowledge […]
Cybersecurity Threat Advisory: Critical security patches for GitLab
This Cybersecurity Threat Advisory highlights GitLab’s recent critical vulnerability, which security update have been released for. A successful exploitation can allow threat actors to mask themselves as other users during scheduled security scans while they run automated tasks (also known as pipelines). CSB recommends applying the latest GitLab patches as soon as possible. What is […]
What is malware?
What is malware? Malware is a various type of malicious software, developed by the cybercriminals (called hackers) to allow them steal sensitive data, damage or destroy computers and computer systems. The common malware that the hackers usually hack into computers are viruses, worms, Trojan viruses, rootkits, spyware, and ransomware. The malware can install to your […]
Cybersecurity Threat Advisory: Cyberattacks on MGM Resorts
This Cybersecurity Threat Advisory highlights cyberattacks on MGM Resorts, a $33 billion hospitality and entertainment company operating out of Las Vegas. On Monday, September 11th, 2023, MGM Resorts experienced a ransomware attack that encrypted over 100 ESXi hypervisors and exfiltrated an unknown quantity of data. The group claiming responsibility for the attack is an advanced […]
Cybersecurity Threat Advisory: Apple releases patches for zero-day vulnerabilities
Apple has released more security patches after three zero-day vulnerabilities were discovered in iOS, iPadOS, MacOS, WatchOS, and Safari. These vulnerabilities are actively being exploited in the wild against several frameworks and systems of Apple products, making sixteen total zero-days in 2023. CSB recommends reviewing this Cybersecurity Threat Advisory in detail, and applying the latest […]