Catch IT

Patches Issued for Microsoft Products

April’s Patch Tuesday was a record-breaker for Microsoft, with the software giant releasing patches for 147 vulnerabilities — more than researchers can recall ever seeing previously in a single month.  This month’s list initially appeared to contain no zero-day vulnerabilities, but researchers were quick to correct this — pointing [...]

By |2024-04-10T11:28:37-05:00April 10th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Top Ransomware Trends – Q1 2024

For the first quarter of 2024, ransomware incidents reported to the NJCCIC consisted of Akira, LockBit, and Play ransomware. There was a sharp increase in Akira ransomware attacks, particularly after the LockBit ransomware group’s takedown. Akira ransomware operators are known for their sophisticated attacks, especially against US healthcare organizations. [...]

By |2024-04-05T08:23:19-05:00April 4th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Apple Products

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation in the context of the logged on user. Depending on the privileges associated with the user, an [...]

By |2024-03-06T11:23:32-05:00March 6th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

4 Primary Benefits Of Penetration Testing

Regular penetration testing helps your organization make its network more secure by identifying security vulnerabilities that intruders may exploit and providing remediation recommendations.  As a universally applicable cybersecurity discipline, every organization can leverage penetration testing to continually reinforce its defenses. Here are 4 primary benefits of regular penetration testing: [...]

Catch-IT: Multiple Vulnerabilities Found in Microsoft Products

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new [...]

By |2024-02-14T14:37:09-05:00February 14th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

3 Important Considerations for 2024

With 2024 in full swing, we know budgets have been prepared and are in full-swing implementation.  Hoping you made considerations in security investments for the coming year to better protect your organization from growing threats, we wanted to highlight 3 things for consideration.  If you haven't given these areas [...]

By |2024-01-17T12:25:24-05:00January 17th, 2024|Categories: BMT Announcement, CyberSecurity, News|Tags: , , , , |

Catch-IT: Update Google Chrome Now – Serious Security Flaw Identified

Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor.  If you haven't done so already, we encourage you to update your Chrome browser ASAP.  CVE-2023-5217 exists in the wild and this flaw could have allow criminals to sneakily install spyware [...]

By |2023-09-28T11:03:54-05:00September 28th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Adobe Products

Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.  The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts [...]

By |2023-09-14T12:12:44-05:00September 14th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts. "Originating yet again from a Vietnamese-based group, this campaign uses a tiny compressed file attachment that [...]

By |2023-09-12T07:35:24-05:00September 11th, 2023|Categories: BMT Announcement, CyberSecurity|

Catch-IT: August Patch Tuesday Identifies Two Zero-Day Vulnerabilities

This month's Microsoft Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed. Identified Vulnerabilities The first zero-day vulnerability, CVE-2023-36884, is a remote code execution vulnerability in the Windows Search component. This vulnerability can be exploited by an attacker to send a [...]

By |2023-08-09T10:23:36-05:00August 9th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Apple has issued security patches to address zero-day vulnerabilities

Apple has issued security patches to address zero-day vulnerabilities (CVE-2023-38606, CVE-2023-32409, and CVE-2023-37450) that have been exploited in attacks against iPhones, Macs, and iPads that seriously affect the digital security of Apple devices.  Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the [...]

By |2023-07-26T12:53:20-05:00July 26th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Apple Pushes out Emergency Fix for Actively Exploited Zero-Day

Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest versions of its operating systems. The vulnerability has been discovered in Apple products, which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code [...]

By |2023-07-17T13:19:01-05:00July 17th, 2023|Categories: Catch IT, News|Tags: , , , , , , |
Go to Top