CulperSec

New Zero-Day Alert: CVE-2023-36884. A critical vulnerability is being exploited in the wild, putting businesses at risk. Learn about the threat, who's behind it, and the crucial steps your organization needs to take right now. https://www.culpersec.com/blog/urgent-advisory-unpatched-zero-day-cve-2023-36884-exploited

🔒Unlock the secrets to stronger cybersecurity and compliance in biotech, pharmaceuticals, and therapeutics! Learn how CulperSec can boost your security posture, simplify vendor risk, and win over auditors and investors. https://www.culpersec.com/blog/bridging-cybersecurity-and-compliance-with-culpersec

On December 1st, the FBI and CISA released an Alert warning of an increase in "Cuba Ransomware" attacks, with the number of US entities impacted doubling since December 2021. The agencies recommend prioritizing known exploited vulnerabilities, training users to recognize phishing attempts and enabling phishing-resistant multi-factor authentication. More information on this alert can be found at: https://www.cisa.gov/uscert/ncas/alerts/aa22-335a

Threat actors are leveraging a new zero-day vulnerability in Microsoft Office that allows an attacker to run untrusted code by creating a malicious document that uses the built in Windows MSDT feature. https://culpersec.com/microsoft-office-follina-zero-day-cve-2022-30190/