CVSS v4.0: A New Horizon in Vulnerability Scoring
Perdition Security, a leader in cyber resilience, blends innovative solutions with a steadfast commitment to your digital safety. Our expertise is exemplified through our understanding and implementation of the latest standards in cybersecurity, such as the Common Vulnerability Scoring System (CVSS). On November 1st, 2023, the Forum of Incident Response and Security Teams (FIRST) officially launched the General Availability (GA) of CVSS version[...]
The Hidden Value of Risk and Privacy Impact Assessments for SMBs
For many small to medium-sized businesses (SMBs), the digital frontier offers endless opportunities. However, with great opportunity often comes great risk. In today's digital age, the challenge isn't just about seizing these opportunities, but doing so responsibly, securely, and in line with various regulatory requirements. At Perdition Security, we believe the key to navigating this balance is through regular Risk Assessments and Privacy[...]
Urgent Fortinet Patch Addresses Critical Vulnerability in FortiGate Firewalls
Urgent Fortinet Patch Addresses Critical Vulnerability in FortiGate Firewalls A critical security flaw discovered in Fortinet's FortiGate firewalls and FortiProxy SSL-VPN may expose users to a remote code execution (RCE) attack. This threat is particularly concerning as it's pre-authentication, affecting every SSL VPN appliance, making it reachable without needing any form of user credentials. The Vulnerability Explained The vulnerability, officially tracked as CVE-2023-27997,[...]
Unveiling CVE-2023-34362: The MoveIt Transfer Zero-Day Exploit
Unveiling CVE-2023-34362: The MoveIt Transfer Zero-Day Exploit With our relentless commitment to the world of cybersecurity, our researchers have recently come across an SQL injection vulnerability in the MOVEit Transfer web application - CVE-2023-34362. This critical vulnerability could be exploited by an unauthenticated, remote attacker via a specially designed request. The successful execution of this exploit could give an attacker direct access to[...]
MacOS – Migraine Vuln CVE-2023-32369
System Integrity Protection (SIP) is an integral part of Apple's security strategy. It's a foundational security measure implemented within macOS to safeguard protected files and directories from being modified, even by the root user or applications with root permissions. Essentially, SIP forms a protective barrier around key system files, limiting the actions that the root user can perform on these files and[...]
Securing the Frontlines: The Importance of Endpoint Security
Introduction As the frontier of user access, endpoints are attractive targets for cybercriminals. Ensuring these devices are secure can often seem like a daunting task, given the variety and volume of threats they face. However, with the right measures such as antivirus software, multi-factor authentication, and modern data loss prevention tools, you can effectively protect your endpoints. In this post, we'll explore[...]