Rapid response
Rapid response | 2 min read
Scattered Spider’s heightened activity—here’s the 411Threat group Scattered Spider is making headlines again as they increase targeting for financial services and insurance orgs.
Rapid response | 4 min read
Phishing in Teams: the new ransomware frontlineExpel's SOC has seen a spike in Microsoft Teams phishing messages. Here's what you need to know and how to stop it.
Rapid response | 1 min read
Security alert: CVE contract expiration and option periodThe contract for the federally funded CVE program has been extended, but uncertainty remains. Here’s why it matters and what's next.
Rapid response | 2 min read
Security alert: IngressNightmare (NGINX controller for Kubernetes)On March 24, 2025, five vulnerabilities in the Ingress NGINX controller for Kubernetes were publicly disclosed. Here's how to remediate.
Rapid response | 1 min read
Security alert: Ivanti zero-day vulnerabilityIvanti disclosed a critical zero-day vulnerability impacting multiple products. Address it immediately to prevent unauthenticated remote code execution.
Rapid response | 2 min read
Security alert: Christmas Day Chrome extension compromiseAt least five Chrome extensions, including the Cyberhaven extension, were targeted on Christmas Day. Here's what you need to know.
Rapid response | 1 min read
Security alert: Palo Alto Networks firewall vulnerabilityPalto Alto Networks (PAN) has a critical vulnerability that needs patched immediately to prevent network access via the firewall management interface.
Rapid response | 1 min read
Security alert: Fortinet zero-day vulnerabilityFortinet has disclosed a zero-day vulnerability that needs to be patched immediately, or the protocol connection to the internet should be disabled.
Rapid response | 2 min read
Security Alert: CrowdStrike Windows OutageAn issue in a CrowdStrike Falcon Sensor update rendered Microsoft’s Windows OS inoperable. Here’s what happened and how you can address it.
Rapid response | 1 min read
Security alert: Palo Alto Networks PAN-OS GlobalProtect Command Injection VulnerabilityPalo Alto Networks disclosed that attackers are exploiting a vulnerability in PAN-OS for GlobalProtect. Here's what you need to know.
Rapid response | 1 min read
Security alert: XZ Linux utility backdoorResearchers identified a backdoor into the XZ Linux utility, via supply chain compromise. Here’s what you need to know.
Rapid response | 2 min read
Security alert: Ivanti Connect Secure and Policy Secure zero-day vulnerabilitiesIvanti Connect Secure and Policy Secure zero-day vulnerabilities are being exploited. Here's how to protect against them.
Rapid response | 2 min read
Security alert: ConnectWise ScreenConnect 23.9.8 security fixVulnerabilities in ConnectWise versions 23.9.7 and prior leave some ScreenConnect instances exposed to attackers. Here’s how to fix it.
Rapid response | 2 min read
Security alert: Okta “support user” data theftOkta recently determined an attacker stole user support system info in October 2023. Here’s what Okta customers need to do right now.
Rapid response | 1 min read
Security alert: privilege escalation vulnerability in Confluence Data Center and Server, CVE-2023-22515Here's how to mitigate a Confluence Data Center and Server vulnerability that lets attackers create admin accounts on external-facing servers.
Rapid response | 1 min read
Security alert: zero-day vulnerability CVE-2023-4863 in libwebp (WebP) libraryCVE-2023-4863 is a zero-day vulnerability in libwebp, which can result in arbitrary command execution when exploited. Here’s why it matters and what to do.