Monthly Security Bulletin – October

Learn more about the latest Cybersecurity news in the October edition of our monthly Security bulletin, prepared by our Senior Security Analysts.

October’s hot topics:

• A fully working exploit of CVE-2021-22005 (9.8/10) impacting VMware vCenter is available, organizations are urged to patch
• 500 000 Fortinet VPN credentials leaked (possibly due to an old vulnerability), administrators are advised to reset access and check logs for intrusions
• An old design flaw in Microsoft Exchange’s Autodiscover service exploited by security researchers to reveal thousands of email credentials
• Malware continues to plague Android devices, reaching critical functions of the OS and stealing money through hidden premium subscriptions

The modern cybersecurity threat landscape is constantly evolving. New vulnerabilities and zero-day attacks are discovered every day, while the old vulnerabilities still exist. Mitigating modern cyber threats require solutions for continuous monitoring, correlation, and behavior analysis that are expensive and require a significant amount of time to be implemented. Moreover, many organizations struggle to hire and retain the expensive security experts needed to operate those solutions and provide value by defending the organizations. The ASOC (Advanced Security Operations Center) by Telelink Business Services allows organizations to get visibility, control, and recommendations on improving their cybersecurity posture for a fixed and predictable monthly fee.