Catch-IT

Catch-IT: Multiple Vulnerabilities Discovered in Apple Products

Multiple vulnerabilities (CVE-2024-44308 and CVE-2024-44309) have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.  Depending on the privileges [...]

By |2024-11-21T15:35:45-05:00November 21st, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Hackers Exploit ZIP File Concatenation Technique to Bypass Detection on Windows Machines

Hackers are using ZIP file concatenation to bypass security solutions and infect their targets with malware through email messages, experts have warned. A new method in cyberattacks uses ZIP file concatenation to deliver malicious payloads undetected. By leveraging differences in ZIP parser handling, attackers can hide trojans in ZIP files, targeting [...]

By |2024-11-12T15:12:57-05:00November 12th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

New Chrome Threat: Make Sure Your Browser is Up to Date

Google released a critical security update for its Chrome web browser to address attackers exploiting a high-severity vulnerability. The update brings Chrome to version 124.0.6367.201 for Windows, Mac, and Linux users on the Stable release channel. The vulnerability, tracked as CVE-2024-4671, is a “use after free” flaw in the [...]

By |2024-05-10T13:01:08-05:00May 10th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Patches Issued for Microsoft Products

April’s Patch Tuesday was a record-breaker for Microsoft, with the software giant releasing patches for 147 vulnerabilities — more than researchers can recall ever seeing previously in a single month.  This month’s list initially appeared to contain no zero-day vulnerabilities, but researchers were quick to correct this — pointing [...]

By |2024-04-10T11:28:37-05:00April 10th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Top Ransomware Trends – Q1 2024

For the first quarter of 2024, ransomware incidents reported to the NJCCIC consisted of Akira, LockBit, and Play ransomware. There was a sharp increase in Akira ransomware attacks, particularly after the LockBit ransomware group’s takedown. Akira ransomware operators are known for their sophisticated attacks, especially against US healthcare organizations. [...]

By |2024-04-05T08:23:19-05:00April 4th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Apple Products

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation in the context of the logged on user. Depending on the privileges associated with the user, an [...]

By |2024-03-06T11:23:32-05:00March 6th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Microsoft Products

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new [...]

By |2024-02-14T14:37:09-05:00February 14th, 2024|Categories: Catch IT, News|Tags: , , , , , , |

3 Important Considerations for 2024

With 2024 in full swing, we know budgets have been prepared and are in full-swing implementation.  Hoping you made considerations in security investments for the coming year to better protect your organization from growing threats, we wanted to highlight 3 things for consideration.  If you haven't given these areas [...]

By |2024-01-17T12:25:24-05:00January 17th, 2024|Categories: BMT Announcement, CyberSecurity, News|Tags: , , , , |

Catch-IT: Turning Off iPhone’s New NameDrop Feature

Installed as part of the latest iPhone iOS 17 update, NameDrop allows users to share contact information with any other iPhone by holding the phones close together.  Although it makes sharing contacts easier, some people are leery of the potential risks. How Does NameDrop work? All one has to do [...]

Catch-IT: Update Google Chrome Now – Serious Security Flaw Identified

Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor.  If you haven't done so already, we encourage you to update your Chrome browser ASAP.  CVE-2023-5217 exists in the wild and this flaw could have allow criminals to sneakily install spyware [...]

By |2023-09-28T11:03:54-05:00September 28th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: Multiple Vulnerabilities Found in Adobe Products

Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.  The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts [...]

By |2023-09-14T12:12:44-05:00September 14th, 2023|Categories: Catch IT, News|Tags: , , , , , , |

Catch-IT: August Patch Tuesday Identifies Two Zero-Day Vulnerabilities

This month's Microsoft Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed. Identified Vulnerabilities The first zero-day vulnerability, CVE-2023-36884, is a remote code execution vulnerability in the Windows Search component. This vulnerability can be exploited by an attacker to send a [...]

By |2023-08-09T10:23:36-05:00August 9th, 2023|Categories: Catch IT, News|Tags: , , , , , , |
Go to Top