Security Labs

Blog
CrowdStrike Software Update Triggers Global Outage
A software update from cybersecurity vendor CrowdStrike prompted a global computer outage impacting Microsoft Windows operating systems.

Blog
Remove Polyfill.io to Prevent Malicious Attacks
Researchers published new information about the open-source Polyfill code leading to malicious attacks. Learn more about prevention.

Blog
SEO Poisoning Attacks Demand More Scrutiny from Search Engine Users
Threat actors are capitalizing on the trust we put in search engines by hiding malicious websites in plain sight using a tactic known as SEO poisoning.

Blog
Threat Actor Claims 100% Success With SIM-Swapping Extortion
SIM-swapping extortion attacks are on the rise due to self-service password resets, which help threat actors bypass interaction with their victims.

Blog
Not All Endpoint Security Solutions Are Created Equal
As more businesses adopt endpoint security solutions, a clear disconnect has emerged between how they’re marketed and how they truly function.

Blog
XZ Near Miss Sheds Light on Vulnerability, Patching Issues
The recent XZ Utils backdoor uncovered the potential risks associated with vulnerabilities in open-source systems.

Blog
Palo Alto Networks: Patch Available for PAN-OS Zero-day
A patch is now available for a command injection zero-day vulnerability impacting Palo Alto Networks PAN-OS. Learn what actions you need to take.

Blog
LockBit Ransomware Used in Exploitation of ConnectWise ScreenConnect
Coalition Incident Response has discovered a link between the LockBit ransomware gang and the ConnectWise ScreenConnect vulnerabilities.

Blog
MFA Bypass Attacks: Weak MFA Implementation Welcomes Intrusion
Threat actors are increasingly targeting multi-factor authentication (MFA). Learn the most effective types of MFA and how to avoid MFA bypass attacks.

Blog
Cyber Threat Index 2024: Scans, Honeypots, and CVEs
The Coalition Cyber Threat Index uses our data derived from internet scans, honeypots, and vulnerabilities to provide in-depth cyber insights for 2024.

Blog
FortiOS SSL VPN Vulnerability Actively Exploited in the Wild
Fortinet disclosed a critical remote code execution (RCE) vulnerability impacting FortiOS SSL VPN. Learn what actions you need to take.

Blog
SonicWall Firewall Devices Vulnerable to DoS Attacks
SonicWall NGFW series 6 and 7 devices are vulnerable to two critical CVEs that can lead to denial-of-service attacks. Learn what steps businesses should take.

Blog
Ivanti VPN Zero-Day Avoided with Device Isolation
Two zero-day vulnerabilities are impacting Ivanti VPN devices. Learn how proactive outreach to Coalition policyholders is helping mitigate the threat.

Blog
QR Codes Increasingly Used in Phishing Attacks
Threat actors are using QR codes in phishing attacks to gain access to business networks. Learn the risks and how to evaluate a QR code for legitimacy.
