Spring4Shell Vulnerability
Executive Summary: A new zero-day vulnerability in the Spring Core Java framework dubbed ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote-code execution on applications. Spring by VMware is a very popular application framework that allows software developers to quickly and easily develop Java applications with enterprise-level features. These applications can then be deployed on servers, such as Apache Tomcat, as […]
Major SAP Vulnerability
Priority: High – CVSS 10 Executive Summary: German enterprise software maker SAP and the US Cybersecurity and Infrastructure Security Agency issued security advisories on Tuesday 8th February to warn SAP customers to install the company’s February security patches as soon as possible in order to prevent the exploitation of a major vulnerability in a ubiquitous SAP component. Tracked as CVE-2022-22536, the vulnerability […]
Commonly Exploited Vulnerabilities
Priority: High Executive Summary: In a series of coordinated cyber attacks beginning on the 14th January 2022, orchestrated by Russian state-sponsored actors, more than 70 Ukrainian government websites have been defaced or rendered inaccessible. Russian threat actors have used spear-phishing, brute-force and exploited known vulnerabilities to gain access to target networks by compromising third-party […]
CVE-2021 20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
Priority: High Executive Summary: SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities. A critical severity vulnerability (CVSS 9.8) in […]
Forrester TEI Report – Microsoft Azure Sentinel
Last month, Forrester released a Total Economic Impact (TEI) research document which revealed significant cost savings and business benefits associated with using Microsoft Azure Sentinel. To be clear – it revealed those benefits when the users switched from an existing traditional SIEM or “SIEM-like” (whatever that is) logging and correlation infrastructure. There are a lot […]
ITC Secure Achieves Microsoft Gold Partner Status
London – November 19, 2020 – ITC Secure (ITC), the leading managed security services provider (MSSP) and specialist cyber advisory firm, today announced it has achieved Microsoft Gold Partner status. Through this, ITC joins the top 1% of Microsoft partners worldwide. By achieving Microsoft Gold Partner status, ITC demonstrates expertise at the highest level of […]
ITC Secure Launches Next-Generation MDR Service Built on Microsoft Security Stack
ITC Secure combines expertise of world-class security team with Microsoft’s best in class technology to deliver preventative protection, post-breach detection, automation and response London – October 12, 2020 – ITC Secure (ITC), the leading Managed Security Services Provider (MSSP) and Silver Microsoft Partner, announced the launch of a new Managed Detection and Response (MDR) service, […]