108, 2023

FIRMUS Advisory: MOVEit Ransomware

August 1st, 2023|Categories: Articles|Tags: , , , |

The MOVEit ransomware was making headlines everywhere worldwide, and since now it has passed, it's crucial for everyone to raise awareness and protect against similar types of threats in the future. Our advisory provides an in-depth analysis of technical details, detection methods, IOCs, and the CLOP ransomware group's TTPs involved in MOVEit attacks.

1807, 2023

Why Consolidation of Managed Cybersecurity Service Providers (MSSP) is Inevitable – Through the Lens of an MSSP

July 18th, 2023|Categories: Articles|Tags: , , , |

With the rise in popularity and importance of cybersecurity monitoring, it paved the way for many local and foreign Managed Cybersecurity Service Providers (MSSP) like SysArmy, Bluesify, Ensign InfoSecurity, DXC, and BlueVoyant; where organisations outsourced their monitoring and management of security devices and systems. Like the US banking industry years ago, this is the dawn of “MSSP Consolidation”; amidst increasing demand for high-quality MSSP as well as tougher competition

307, 2023

Early Warning Alert: ASUS Router Critical Vulnerabilities

July 3rd, 2023|Categories: Articles|Tags: , , , |

ASUS has published updated firmware with cumulative security updates that address vulnerabilities in several router models, advising customers to update their devices immediately or restrict WAN access until they are secure. According to the organisation, the newly released firmware fixes nine security flaws, including a high and critical one.

2606, 2023

Cyber Threat Alert: MOVEit Transfer Vulnerability Exploited (CVE- 2023-34362)

June 26th, 2023|Categories: Articles|Tags: , , |

MOVEit, a well-known secure file transfer program, is at the center of a high-profile breach known as "Zero-Day MOVEit Transfer Vulnerability" that was recently revealed. This possible flaw might result in elevated privileges and unauthorided access to the environments. The attacking approach is a SQL Injection onto unpatched MOVEit servers, which allows the threat actor to gain access and remotely execute arbitrary code. As a result, it is critical to patch the flaw with the most recent security patches released by Progress Software in order to prevent exploitation efforts.

Talk To Us

Penetration testing, cyber security strategy, proof-of-value, or just some information? Our domain experts provide bespoke cyber security offerings to solve your digital transformation challenges.

Go to Top