Multiple vulnerabilities (CVE-2024-44308 and CVE-2024-44309) have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges [...]
Hackers are using ZIP file concatenation to bypass security solutions and infect their targets with malware through email messages, experts have warned. A new method in cyberattacks uses ZIP file concatenation to deliver malicious payloads undetected. By leveraging differences in ZIP parser handling, attackers can hide trojans in ZIP files, targeting [...]
Google released a critical security update for its Chrome web browser to address attackers exploiting a high-severity vulnerability. The update brings Chrome to version 124.0.6367.201 for Windows, Mac, and Linux users on the Stable release channel. The vulnerability, tracked as CVE-2024-4671, is a “use after free” flaw in the [...]
April’s Patch Tuesday was a record-breaker for Microsoft, with the software giant releasing patches for 147 vulnerabilities — more than researchers can recall ever seeing previously in a single month. This month’s list initially appeared to contain no zero-day vulnerabilities, but researchers were quick to correct this — pointing [...]
For the first quarter of 2024, ransomware incidents reported to the NJCCIC consisted of Akira, LockBit, and Play ransomware. There was a sharp increase in Akira ransomware attacks, particularly after the LockBit ransomware group’s takedown. Akira ransomware operators are known for their sophisticated attacks, especially against US healthcare organizations. [...]
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation in the context of the logged on user. Depending on the privileges associated with the user, an [...]
Regular penetration testing helps your organization make its network more secure by identifying security vulnerabilities that intruders may exploit and providing remediation recommendations. As a universally applicable cybersecurity discipline, every organization can leverage penetration testing to continually reinforce its defenses. Here are 4 primary benefits of regular penetration testing: [...]
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new [...]
With 2024 in full swing, we know budgets have been prepared and are in full-swing implementation. Hoping you made considerations in security investments for the coming year to better protect your organization from growing threats, we wanted to highlight 3 things for consideration. If you haven't given these areas [...]
Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor. If you haven't done so already, we encourage you to update your Chrome browser ASAP. CVE-2023-5217 exists in the wild and this flaw could have allow criminals to sneakily install spyware [...]
Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems. The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts [...]
This month's Microsoft Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed. Identified Vulnerabilities The first zero-day vulnerability, CVE-2023-36884, is a remote code execution vulnerability in the Windows Search component. This vulnerability can be exploited by an attacker to send a [...]
1 South Corporate Drive, Riverdale, NJ 07457
CALL: +1-973-276-0808
FAX: 973-248-6645
EMAIL: info@bmtcorp.com
NJ Service Areas
All work performed by Business Machine Technologies Inc. shall be subject to the terms of the Master Services Agreement which can be reviewed at www.bmtcorp.com/MSA
For 30+ years we have been dedicated to providing the highest levels of customer service, expert support, and the best in technology solutions to our clients.
