Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Centripetal

ConnectWise Vulnerability: Authentication Bypass in ScreenConnect

Widespread exploitation of these vulnerabilities in the wild has been confirmed including comprise of UnitedHealth’s Change Healthcare on February 22nd, by Lockbit. Sophos has confirmed various strains of malware using these vulnerabilities as part of delivery including LockBit ransomware, AsyncRAT, infostealers, etc.

Are Firewalls Alone Equipped to Mitigate Against the Increasingly Sophisticated Cyberthreats?

The sheer volume of data breaches continues to escalate at a phenomenal rate. Cyberattacks on all businesses, but particularly small to medium-sized businesses, are becoming more frequent, targeted, and complex. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% of those businesses are prepared to defend themselves.

Far Beyond the Firewall - Experiencing Alert Fatigue From Your Overwhelmed Firewall?

The cyberthreat landscape is ever-evolving and the level of sophistication from cybercriminals is always increasing. Networks are not impenetrable. Alarmingly, 79 minutes is now the average time from when an attacker compromises a network to when they start to move laterally, infiltrating the rest of the network.

Fortinet Vulnerability: CVE-2024-21762

On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) notifying of an out-of-bound write vulnerability in their SSL VPN tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.

Security Bulletin: AnyDesk Production Systems Breach

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

Centripetal Partners With Tiger to Provide Cutting-Edge Cybersecurity Innovation to the UK Market for the First Time

Centripetal announces that its award winning, patented cybersecurity threat solution is available for the first time ever across the UK as a result of its strategic partnership with Tiger. With this partnership, Tiger and its customers will have a stronger approach to cybersecurity, putting operationalised threat intelligence at the forefront, moving from a reactive to proactive defence, and helping security teams be more efficient and effective.

CleanINTERNET is now available in the UK

You might recall hearing that we officially launched our Global Partner Program. It was important for us to ensure that our CleanINTERNET® solution was available immediately in the UK, and thanks to our latest partnership with Tiger this is now possible. Our innovative technology is currently deployed by over 100 customers in the U.S.

A recipe for burnout? Survey shows over 90% of cybersecurity professionals work while on vacation

Now that the calendar has flipped to November, the end of the year is in sight. It’s a popular time for friends and family to gather for the holidays, yet unfortunately, it’s also a popular time for cyber attackers to ramp up their exploits. Our thoughts turned to the cyber professionals on the front lines. What compromises do they feel pressured to make in their work-life balance to keep their companies secure? How often does their work actually impinge on their personal time?

Empowering a Secure Digital Future with Centripetal Ireland During Cybersecurity Awareness Month

In today’s digital world, the importance of cybersecurity is more critical than ever. With the constant evolution of cyber threats, safeguarding sensitive data and digital assets has transitioned from an option – to an absolute necessity. Each October, Cybersecurity Awareness Month focuses on the importance of cybersecurity in our interconnected world.

Cisco iOS XE Vulnerability: CVE-2023-20198

Cisco has released an advisory, acknowledging active exploitation of a previously unknown vulnerability, which is tracked as CVE-2023-20198, in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access, which is the highest level of access.