Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Threat Level – Amber | Vulnerability Report
EventLogCrasher Flaw Not Serviced by Microsoft
 A recently identified vulnerability, known as EventLogCrasher, poses a significant risk to February 7, 2024 Threat Level – Red | Vulnerability Report
Leaky Vessels in Cloud Environments Shake Docker and Beyond
Four vulnerabilities, collectively termed ‘Leaky Vessels,’ have been uncovered within container engine February 5, 2024 Threat Level – Red | Vulnerability Report
Ivanti Addresses Zero-Day Vulnerability Exploited in Attacks
Ivanti has addressed two new high-severity vulnerabilities, CVE-2024-21893 and CVE-2024-21888, affecting its February 2, 2024 Threat Level – Red | Vulnerability Report
Critical Remote Code Execution Flaws Uncovered in Jenkins
Multiple vulnerabilities have been discovered in Jenkins and number of associated plugins, February 1, 2024 Threat Level – Red | Vulnerability Report
CherryTree Impostor Dubbed CherryLoader Makes Its Move
CherryLoader, a new Go-based downloader, has surfaced in cyber attacks, masquerading as February 1, 2024 Threat Level – Amber | Vulnerability Report
Malicious Google Ads Target Chinese Users, Covertly Delivering RATs
Chinese-speaking users are being targeted in an ongoing malvertising campaign that leverages January 30, 2024 Threat Level – Red | Vulnerability Report
FAUST: A Phobos Ransomware Variant Launches Fileless Attack
FAUST ransomware, a variant of the Phobos family, exhibiting intricate deployment stages, January 30, 2024 Threat Level – Red | Vulnerability Report
Midnight Blizzard Exploiting Legacy OAuth for Lateral Movement
Midnight Blizzard exploited a legacy test OAuth application with elevated access due January 29, 2024