July 2023 saw a host of new vulns, especially in the wake of the Storm-0558 attack on Microsoft, the Fortinet RCE Flaw, and the CISCO AnyConnect Vulnerability.
Have you felt like you’re hearing more about spearphishing in the news? There’s a reason why: in the ever-expanding landscape of cyber threats, spearphishing has increased this year as a particularly insidious (but effective) tactic employed by threat actors to breach organizational defenses. From APTs to decentralized digital mercenaries, there are simply more attacks this […]
It’s popular because it’s profitable and it’s been a big moment for ransomware around the planet over the past few weeks. At Banyan, we decided to assemble the latest ransomware news for a mid-May Ransomware Threat Update (because there’s been enough of it to warrant its own blog). Ransomware has become ever more targeted, with […]
What is the VMware ESXi OpenSLP heap-overflow vulnerability (CVE-2021-21974)? A new heap-overflow vulnerability (CVE-2021-21974) has been discovered in the VMware ESXi OpenSLP service. This vulnerability allows attackers to execute arbitrary code and take control of the affected system, posing a serious threat to organizations that use VMware’s ESXi to manage their virtual infrastructure. On February […]