Vulnerabilities
The Double-Edged Sword of Using Boundary Devices
Boundary devices can help mitigate cyber threats and enable secure remote access. However, these technologies are often directly targeted in cyber attacks.
Palo Alto Networks: Patch Available for PAN-OS Zero-day
A patch is now available for a command injection zero-day vulnerability impacting Palo Alto Networks PAN-OS. Learn what actions you need to take.
LockBit Ransomware Used in Exploitation of ConnectWise ScreenConnect
Coalition Incident Response has discovered a link between the LockBit ransomware gang and the ConnectWise ScreenConnect vulnerabilities.
Cyber Threat Index 2024: Scans, Honeypots, and CVEs
The Coalition Cyber Threat Index uses our data derived from internet scans, honeypots, and vulnerabilities to provide in-depth cyber insights for 2024.
Empower Your Clients (and Yourself) With More Visibility Into Cyber Risks
Increased visibility across Coalition's quoting and risk management platforms can empower you as a cyber risk advisor.
SonicWall Firewall Devices Vulnerable to DoS Attacks
SonicWall NGFW series 6 and 7 devices are vulnerable to two critical CVEs that can lead to denial-of-service attacks. Learn what steps businesses should take.
Why MDR is the Next MFA for Cyber Insurance
Cyber insurance providers are increasingly encouraging businesses to implement MDR — if not incentivizing it — just as they did with MFA.
From Widespread Damage to Failure to Launch: The Celebrity CVEs of 2023
The number of CVEs has been steadily rising for years. Coalition reflects on the CVEs from 2023 that were the most (and least) impactful.
How to Mitigate the Risks of Internet-Exposed RDP
Learn the risks of internet-exposed Remote desktop protocol (RDP), steps to provide secure remote access, and what Coalition scan data shows about the risk.
How to Improve Client Insurability Using Actionable Security Insights
Businesses can gain a security advantage over threat actors through a deeper understanding of the most common and highly exploitable cybersecurity weaknesses.
MOVEit Mayhem: Understanding Threats and Protecting Policyholders
In the six weeks since Progress Software disclosed a critical vulnerability in its file-transfer program, MOVEit has created a perfect storm of cyber risk.
Announcing Coalition Exploit Scoring System (ESS)
Coalition Exploit Scoring System (ESS) helps defenders cut through the noise of vulnerability management. Learn how our dynamic scores work and try the tool.
Security Alert: What to Know About Threat Actor Volt Typhoon
Microsoft and CISA warned that the Chinese APT Volt Typhoon is targeting critical infrastructure by living off the land. Learn the risks of this technique.
Security Incident Retrospective: The 3CX Supply Chain Attack
Coalition dives deeper into what security leaders need to know about the supply chain attack that impacted 3CX.
How Artificial Intelligence Levels Up Email Phishing
As organizations turn to generative AI tools to assist with business operations, hackers also utilize these tools to create better phishing emails.
