Resources

Filter Clear all

Cyber 17 Mar, 2023

Client advisory: Microsoft Outlook elevation of privilege vulnerability

A critical security vulnerability has been identified in the Microsoft Outlook desktop client. This vulnerability allows attackers to access your n...

Advisory

Cyber 11 Jul, 2022

Client advisory: CFC warns of new “BazarCall” attack method

The new attack method has been growing in use among well-known ransomware groups and was responsible for 10% of malware incidents observed by CFC l...

Advisory
advisory

Cyber 13 Dec, 2021

Client advisory: Log4Shell vulnerability

Log4Shell (CVE-2021-44228) is a critical vulnerability that is being actively exploited and scanned for by malicious actors since its discovery lat...

Advisory
advisory

Cyber 25 Oct, 2021

Client advisory: Server message block vulnerability

Our Response team recommends that you disable server message block (SMB) if it is not necessary on your network.

Advisory
advisory

Cyber 26 Aug, 2021

Client advisory: ProxyShell vulnerability remediation

The below information is a guide compiled by CFC Response globally to assist organizations in detecting, eradicating and remediating the ProxyShell...

Advisory

Cyber 18 Aug, 2021

Client Advisory: Zerologon vulnerability

Learn why Zerologon carries the highest possible vulnerability severity score and what you can do to make sure your IT systems stay safe.

Advisory

Cyber 6 Jul, 2021

Client Advisory: Kaseya Sodinokibi incident

Get the technical summary of the Kaseya July 2021 REvil/Sodinokibi mass ransomware event

Advisory

Cyber 2 Jul, 2021

Client Advisory: GootLoader attacks on legal services

The CFC Incident Response Team has recently seen several ransomware attacks on legal services firms which appear to have been caused by GootLoader...

Advisory

Cyber 29 Apr, 2021

Client Advisory: Vulnerabilities in multiple platforms

An advisory released by the NSA, CISA and FBI on 15 April warns of vulnerabilities being exploited by the Russian Foreign Intelligence Service, als...

Advisory

Cyber 5 Mar, 2021

Client Advisory: Exchange Marauder

Microsoft has released emergency out-of-band security updates for most Microsoft Exchange versions that fix four newly detected vulnerabilities act...

Advisory

Cyber 14 Dec, 2020

Client advisory: Securing the Remote Desktop Protocol

With more and more cyber incidents stemming from vulnerable RDP ports, our Incident Response Team has provided some more information about this tec...

Advisory

25 Sept, 2020

Client advisory: New ransomware variant affecting schools

Our incident response team has noticed the emergence of PYSA, a ransomware variant that is disproportionately affecting schools, colleges and unive...

Advisory

Cyber 21 Jul, 2020

Client advisory: Windows DNS vulnerability

Our Incident Response Team wishes to advise all insureds of a critical vulnerability in the Windows DNS server that allows cybercriminals to gain w...

Advisory

Cyber 28 Apr, 2020

Client advisory: Two-factor authentication guidance

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), is an extra layer of security used to verify the identity of the...

Advisory

Cyber 18 Mar, 2020

Client advisory: Cybercriminals exploiting Coronavirus

[Updated] Public concern and working-from-home mandates are providing opportunities for cybercriminals.

Advisory

Cyber 31 Jan, 2020

Client advisory: Maze ransomware cases on the rise

New ransomware variant is known to exfiltrate data prior to encryption, allowing hackers to publish data if the ransom isn't paid.

Advisory

Cyber 22 Jan, 2020

Client advisory: Implement latest Windows patches now

Recently discovered vulnerability undermines how Windows verifies trustworthy sources

Advisory

Cyber 11 Nov, 2019

Client advisory: BlueKeep exploit in Windows

Update your Windows operating systems immediately to guard against BlueKeep exploit.

Advisory