Weekly Digest Week 35 – 2023

Publication date: 01.09.2023

Featured Story

Unauthenticated Stack Buffer Overflows in Ivanti Avalanche

Researchers at Tenable discovered a critical vulnerability in Ivanti Avalanche that allows unauthenticated remote attackers to execute arbitrary code or trigger denial of service conditions. This flaw poses a high risk to system integrity and availability.

SOC Analysis:
If your organization uses Ivanti Avalanche, upgrade to version 6.4.1 or later immediately. We also recommend performing a threat assessment to determine whether exploitation occurred before patching. Our SOC is available to assist with log review and compromise assessment.

Other Stories

Warning: Unauthenticated Attacker Can Gain Zimbra Account Access

A one-click vulnerability has been found in all Zimbra Collaboration versions, allowing attackers to access user accounts simply by getting users to click a malicious link. This can lead to data compromise and unauthorized email access.

SOC Analysis:
We recommend:
  • Upgrading Zimbra to the latest version immediately
  • Educating users on how to recognize and avoid phishing links
  • Implementing web filtering and email protection tools

Our SOC can help develop phishing simulations and awareness campaigns.


10 Million Likely Impacted by Data Breach at French Unemployment Agency

The breach occurred through a third-party provider connected to Pôle emploi and exploited the widely known MOVEit Transfer vulnerability. Approximately 10 million records may have been exposed, demonstrating the scale of indirect supply chain risk.

SOC Analysis:
Security is only as strong as your weakest vendor. Ensure your suppliers:
  • Follow industry-standard security practices
  • Are regularly audited
  • Have incident response processes in place

We provide vendor risk management support and audit frameworks.


Akira Ransomware Gang Targets Cisco ASA Without MFA

Cisco reports that Akira ransomware threat actors are targeting organizations running Cisco ASA VPNs without multi-factor authentication. These attacks bypass weak single-factor protections and actively exploit misconfigured VPN endpoints.

SOC Analysis:
MFA is no longer optional. We recommend:
  • Enforcing MFA for all remote access services
  • Reviewing VPN logs for suspicious access attempts
  • Limiting external access to management interfaces

Our SOC team can help implement MFA and assess your current VPN exposure.


Want to enhance your organization’s cyber awareness or compliance strategy? Contact the Approach Cyber SOC team for tailored support and training programs.
