Vulnerability Management

MSSP

Broadcom: VMware Zero-Days Being Exploited in the Wild

Jeffrey BurtMarch 6, 2025

The company issued fixes for the flaws, which can let hackers escape the VM and control the host.

Vulnerability Management

Several Flaws Added To CISA’s KEV List

MSSP Alert StaffMarch 4, 2025

CISA updates its KEV Catalog to address five security issues.

Cybersecurity and Infrastructure Security Agency CISA logotype displayed on smartphone

Ransomware

Report: CISA Vulnerabilities Catalog Monitored By Ransomware Gangs

MSSP Alert StaffMarch 3, 2025

Ransomware gangs in 2024 exploited 28% of the bugs listed on CISA's KEV catalog.

MSSP

MSSPs, Physical Tools, and a Multi-Layered Approach: Protecting Hospitals

Amanda VenafroFebruary 24, 2025

It takes a multi-layered approach to protect hospitals and healthcare organizations from cyberattacks.

Malware

Novel Malware Leveraged In Salt Typhoon Attacks On US Telcos

MSSP Alert StaffFebruary 21, 2025

Salt Typhoon mostly leverages stolen credentials to attack U.S. telcos.

Vulnerability Management

CISA Updates KEV List to Add SonicWall, Palo Alto Networks Bugs

MSSP Alert StaffFebruary 20, 2025

CISA's updated KEV includes critical bugs from SonicWall and Palo Alto Networks.

Patch/Configuration Management

Apple iOS Flaw Enables USB Lockout Evasion

MSSP Alert StaffFebruary 19, 2025

Quarkslab researchers advise applying the iOS 18.3.1 patch.

An aerial photo of the US Capitol in Washington.

Governance, Risk and Compliance

Trump Admin Sought To Counter UK-ordered iCloud Encryption Backdoor

MSSP Alert StaffFebruary 14, 2025

Newly appointed U.S. Director of National Intelligence Tulsi Gabbard has been urged by Sen. Ron Wyden, D-Ore., and Rep. Andy Biggs, R-Ariz., to oppose the UK's reported order for Apple to develop a backdoor that would enable government access to encrypted iCloud data, which they argued to be detrimental to U.S. government and citizen data security, according to The Register.