SecOps & Risk mitigation
CyberProof uses OSINT and threat intelligence feeds for visibility into threats.
CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.
Professionals manage sophisticated networks, leveraging experience to counter advanced threats.
24/7 global SOC support ensures incident response within a guaranteed SLA.
CyberProof develops recovery plans, restoring capabilities after a cyber incident.
Classify and manage enterprise assets, understanding risks and data sensitivity.
Non-destructive testing uncovers exploitable weaknesses in assets and applications.
Mitigate security issues early with CyberProof’s training and awareness programs.
Rigorous security assessment of on-premises and cloud applications to ensure they are protected.
Identity and access management (IAM) governs user access and monitors it for anomalies.
Cloud First approach ensures compliance and security within cloud environments.
Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.
Identify, assess, and mitigate security vulnerabilities through regular scanning.
Case Studies
90% increase in visibility after deploying Microsoft XDR with CyberProof
Enterprise saves millions on data ingestion & storage following cloud migration.
International logistics company sees 40% savings in security operations costs
Threat Alerts
Microsoft Rolls Out Fixes for Four Actively Exploited Zero-Day Vulnerabilities
Microsoft’s September Patch Tuesday release addressed 79 vulnerabilities, including four zero-day vulnerabilities that have been actively exploited in the wild. Two of them, CVE-2024-43491 and CVE-2024-38014, stand out because of the elevated risk they pose to corporate Windows environments.
CVE-2024-43491 is a remote code execution (RCE) vulnerability in Microsoft Windows Update with a CVSS score of 9.8. It can be exploited without user interaction and without prior privileges, which makes it extremely dangerous. Microsoft has not confirmed exploitation of this specific flaw. It affects Windows 10 version 1507, where a defective servicing stack update rolled back fixes for earlier vulnerabilities, some of them already exploited in the wild; that, together with the flaw’s low attack complexity and potential for widespread abuse, is why Microsoft lists it as exploited and why it should be treated as an active zero-day. Note that both the updated servicing stack and the September security update must be installed, in that order, for the fix to take effect.
CVE-2024-38014 (CVSS 7.8) is a Windows Installer elevation of privilege vulnerability caused by improper privilege management. An attacker who already has a foothold on a system can exploit it to gain SYSTEM privileges and take full control of the host. Active exploitation of this flaw has already been observed.
Additionally, two other notable vulnerabilities—CVE-2024-38217 (CVSS 5.4) and CVE-2024-38226 (CVSS 7.3)—pose further risks. CVE-2024-38217 impacts the Windows Mark-of-the-Web (MotW) feature, enabling attackers to bypass security warnings for untrusted files. CVE-2024-38226, a Microsoft Publisher security bypass vulnerability, lets attackers circumvent protections against malicious macros in downloaded files. Both have been actively exploited, highlighting the urgency for timely patching across affected systems.
Patch Released for Critical Adobe Acrobat Security Flaw CVE-2024-41869
Users are strongly urged to upgrade Adobe Acrobat Reader following the release of a critical update. This patch addresses a zero-day vulnerability, CVE-2024-41869, which allows for remote code execution. A proof-of-concept exploit for this vulnerability is already publicly available and has been observed in the wild.
This critical vulnerability has a CVSS score of 9.8 and is a “use after free” bug. This class of bug occurs when a program keeps a reference to a memory region after that region has been deallocated and later accesses it through the stale reference. On its own, such behavior leads to unpredictable outcomes, including crashes or freezes. However, if a malicious actor can place attacker-controlled data in the freed memory before the program touches it again (for example, by triggering an allocation of the same size), the stale reference now points at the attacker’s data, and the vulnerability can be exploited to execute arbitrary and potentially harmful code on the affected system. “Use after free” vulnerabilities are particularly dangerous because a single stale pointer, often to an object holding function pointers, can give the attacker control over the device or compromise its security.
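To make the mechanism above concrete, here is an added example in C (not Adobe’s code, and not taken from the original alert). It shows the vulnerable pattern in miniature, a freed object that is still reachable through a cached pointer and whose freed chunk an attacker reclaims, next to one common hardening: replacing raw pointers with generation-tagged handles, so that a stale reference fails validation instead of dereferencing attacker data. The `Doc` object, the slot table and the handle layout are hypothetical design choices for illustration, not any real product’s implementation.

```c
/* Added example (not Adobe's code): a use-after-free in miniature, next to a
 * generation-tagged handle table that turns the same stale access into a
 * checkable error. "Doc" is a hypothetical stand-in for a reader's internal
 * document object; the slot table and handle layout are illustrative only. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    void (*render)(const char *);  /* function pointer: the usual hijack target */
    char name[24];
} Doc;

static void real_render(const char *name) { printf("rendering %s\n", name); }

/* --- Vulnerable pattern --------------------------------------------------
 * The owner frees the object while a second reference (here a cached global,
 * like a reference kept by a script object) survives. An allocation of the
 * same size then reclaims the freed chunk and fills it with attacker bytes,
 * so the stale reference's function pointer is attacker data when called.
 * Demonstration only; run it deliberately via main, never from tests. */
static Doc *cached_ref;

static void vulnerable_flow(void) {
    Doc *doc = malloc(sizeof *doc);
    if (!doc) return;
    doc->render = real_render;
    snprintf(doc->name, sizeof doc->name, "%s", "report.pdf");
    cached_ref = doc;                  /* second reference to the same object */
    free(doc);                         /* object released by its owner */
    char *spray = malloc(sizeof *doc); /* attacker reclaims the freed chunk */
    if (spray) memset(spray, 0x41, sizeof *doc);
    cached_ref->render(cached_ref->name); /* use after free: jumps to 0x4141... */
    free(spray);
}

/* --- Hardened pattern ----------------------------------------------------
 * Objects live in slots addressed by a handle = (generation << 32) | index.
 * Closing a slot scrubs it and bumps its generation, so every previously
 * issued handle to that slot stops validating, even after the slot is reused. */
#define SLOTS 8
typedef uint64_t Handle;
#define INVALID_HANDLE UINT64_MAX

static struct { Doc obj; uint32_t gen; int live; } table[SLOTS];

static Handle doc_open(const char *name) {
    for (uint32_t i = 0; i < SLOTS; i++) {
        if (table[i].live) continue;
        table[i].live = 1;
        table[i].obj.render = real_render;
        snprintf(table[i].obj.name, sizeof table[i].obj.name, "%s", name);
        return ((Handle)table[i].gen << 32) | i;
    }
    return INVALID_HANDLE;
}

/* Returns NULL for any handle whose slot is free or whose generation is old. */
static Doc *doc_lookup(Handle h) {
    uint32_t idx = (uint32_t)h, gen = (uint32_t)(h >> 32);
    if (idx >= SLOTS || !table[idx].live || table[idx].gen != gen) return NULL;
    return &table[idx].obj;
}

static void doc_close(Handle h) {
    if (!doc_lookup(h)) return;                      /* double close is harmless */
    uint32_t idx = (uint32_t)h;
    memset(&table[idx].obj, 0, sizeof table[idx].obj); /* no dangling render ptr */
    table[idx].live = 0;
    table[idx].gen++;                                /* old handles are now stale */
}

/* Returns 0 on success, -1 if the handle is stale or invalid. */
static int doc_render(Handle h) {
    Doc *d = doc_lookup(h);
    if (!d) return -1;
    d->render(d->name);
    return 0;
}

/* Replays the vulnerable sequence through handles. Returns 1 when the stale
 * handle is rejected even though its slot has been reused, 0 otherwise. */
static int hardened_flow(void) {
    Handle h = doc_open("report.pdf");
    Handle stale = h;
    if (doc_render(h) != 0) return 0;
    doc_close(h);
    Handle reused = doc_open("attacker.pdf");       /* takes the same slot index */
    int same_slot = (uint32_t)reused == (uint32_t)stale;
    int rejected  = doc_render(stale) == -1;        /* generation mismatch */
    int fresh_ok  = doc_render(reused) == 0;
    doc_close(reused);
    return same_slot && rejected && fresh_ok;
}

int main(int argc, char **argv) {
    printf("stale handle rejected: %s\n", hardened_flow() ? "yes" : "no");
    if (argc > 1 && strcmp(argv[1], "--crash") == 0) vulnerable_flow();
    return 0;
}
```

Run it without arguments to see the hardened flow reject the stale handle; run it with `--crash` to exercise the vulnerable path, which dereferences the reclaimed chunk and crashes (or, under an attacker’s spray, branches wherever the attacker chose). The generation check is the important part: reuse of the freed slot is still allowed, but every handle issued before the close now carries the wrong generation and is refused before any pointer in the slot is followed.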