Summary: On December 17th Citrix published a security bulletin for a recently discovered critical vulnerability in their Citrix ADC and Gateway (formerly known as NetScaler ADC, and NetScaler Gateway) products. The vulnerability, CVE-2019-19781, if exploited would result in an unauthenticated attacker being able to perform arbitrary code execution. At this time there is no patch available from Citrix however they have published mitigation steps which are outlined here. Over the weekend POC code for......
Read More
Managed Threat Intelligence: Managed SIEM & SOCaaS Powered by Vertek in 90 seconds
Quickly learn why your organization needs MTI powered by Vertek, and how it will protect you and your customers!...
Read MoreA Vertek Threat Intelligence Analyst Identifies Trik Spam Botnet Leaks 43 Million Email Addresses
A Threat Intelligence Analyst on Vertek’s Cybersecurity team recently discovered a massive spam recipient list from a bad threat...
Read MoreMicrosoft Patches IE Zero-Day Dubbed “Double Kill”
Threat Summary On May 8th 2018 , Microsoft released critical security updates to patch a Remote Code Execution (RCE)...
Read MoreMicrosoft Patches 17 year old MS Office Memory Corruption Flaw
Threat Summary This blog is regarding a memory corruption vulnerability in the equation editor of Microsoft Office that affects...
Read MoreDetection and Prevention of Bad Rabbit Ransomware
Summary There have been numerous reports of a new ransomware outbreak called BadRabbit, which started to spread via “drive-by”...
Read MoreMalware distributed via MS Office DDE “feature” — no macros required!
What is DDE? DDE (Dynamic Data Exchange) is a protocol used to transfer data between applications and provides the...
Read MoreLocky ransomware switches up extension with asasin variant
Email campaigns pushing Locky ransomware are still very prevalent and continue to evolve. Encrypted files are now appended with...
Read MoreBrowser-based Cryptocurrency Mining Ramping Up
Our SOC has observed several cases of browser mining (also referred to as “cryptojacking”) as of late where javascript...
Read MoreSubscribe to Vertek’s Public OTX Feed
Vertek’s OTX Public and Private Pulses provide a summary of the threat, some information regarding the software targeted, and...
Read More