Monthly Security Bulletin – May
Learn more about the latest Cybersecurity news in the May edition of our monthly Security bulletin, prepared by our Senior Security Analysts.
May hot topics:
- GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords
- Palo Alto Networks warned customers that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago. Threat actors can exploit this security vulnerability (tracked as CVE-2022-0778) to trigger a denial of service state and remotely crash devices running unpatched software
- Microsoft has discovered a new malware used by the Chinese-backed Hafnium hacking group to maintain persistence on compromised Windows systems by creating and hiding scheduled tasks
The modern cybersecurity threat landscape is constantly evolving. New vulnerabilities and zero-day attacks are discovered every day, while the old vulnerabilities still exist. Mitigating modern cyber threats require solutions for continuous monitoring, correlation, and behavior analysis that are expensive and require a significant amount of time to be implemented. Moreover, many organizations struggle to hire and retain the expensive security experts needed to operate those solutions and provide value by defending the organizations. The ASOC (Advanced Security Operations Center) by Telelink Business Services allows organizations to get visibility, control, and recommendations on improving their cybersecurity posture for a fixed and predictable monthly fee.