Skip to main content

Business

View all

Alerts & Advisories

OpenSSH Vulnerability - regreSSHion: Remote Code Execution (CVE-2024-6387)

2 Jul 2024

A critical vulnerability known as regreSSHion (CVE-2024-6387), has been discovered in OpenSSH, a widely used open-source implementation for secure network communication. This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code with root privileges on Linux systems running OpenSSH servers.

See more

Cisco ASA Devices Backdoored Via Two Zero-Days (CVE-2024-20353 and CVE-2024-20359)

1 May 2024

Cisco has warned that two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls are now actively exploited since November 2023 to breach government networks worldwide. The two vulnerabilities, namely CVE-2024-20353 and CVE-2024-20359, allow threat actors to deploy previously unknown malware and maintain persistence on compromised ASA and FTD devices.

See more

Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability (CVE-2023-32046)

29 Apr 2024

CVE-2023-32046 is a vulnerability in the Windows MSHTML platform that could lead to an Elevation of Privilege (EoP) – essentially allowing a low privilege attacker to execute code in the context of the user or gain high-level access to a system they ordinarily would not have. Exploitation of the vulnerability requires that a user open a specially crafted file.

See more

Schedule an awareness talk for your organization

BruCERT offers awareness talks to educate the public and organizations on the importance of cybersecurity and safe online practices.

Outreach

Our roadshows include interactive activities and demonstrations, and can be customized to suit your organization.

Learn more
View all

Is your company prepared for cybersecurity threats?

Use this self-assessment questionnaire to determine your organization's current security posture and identify areas of potential or actual weaknesses.

Learn more