Sedara arms you with everything you need to protect your cybersecurity infrastructure. From articles to white papers and video content to news updates, we ensure your organization is prepared to detect and eliminate threats to your network.
Cybersecurity terminology can be complicated. Not sure what something means? Look it up on our Cybersecurity Glossary of Terms >
Get our actionable content delivered to your inbox monthly (videos, blogs, papers, and more), and get timely updates on new and evolving threats–and what to do about them–just like our clients do.
Filter By:
Security Bulletin
Sedara Security Bulletin: Out-of-Bounds Write Vulnerability in FortiOS
Vulnerability: CVE-2024-21762 and CVE-2024-24113 Description of the vulnerability: Fortinet reports that there is an out-of-bounds write vulnerability in SSL-VPN, CVE-2024-21762 (CVSSv3 score 9.6). An out-of-bounds write vulnerability is similar to a buffer overflow, writing data beyond the boundaries of allocated memory. This vulnerability may allow a remote unauthenticated attacker to…
February 15, 2024
Security Bulletin
Sedara Security Bulletin: Microsoft Monthly Security Update
Summary Microsoft released their monthly security update on Tuesday, which included fixes for three zero-day vulnerabilities. These vulnerabilities are rated “important”. They affect services that are commonly enabled on core…
November 16, 2023
Articles
Using “Canaries” to Detect Intruders
What do “canaries” have to do with cyber security? Staying ahead of potential threats and breaches is a constant battle. One innovative solution is the use of “canaries” to detect…
October 12, 2023
Security Bulletin
Sedara Security Bulletin: Zimbra
Summary: Zimbra Collaboration Suite version 8.8.15 is vulnerable to a reflected cross-site scripting (XSS) flaw, due to inadequate input sanitization. Zimbra is a popular open-source email software package. The flaw…
July 20, 2023
Security Bulletin
Sedara Security Bulletin: Cisco SD-WAN vManage
Summary: A security flaw has been found in Cisco SD-WAN vManage, potentially allowing an unauthenticated attacker to bypass security measures for read and limited write access to the device. Cisco…
July 19, 2023
Articles
A Red Team’s Perspective: How to Scope a Penetration Test
Penetration testing is a crucial part of a comprehensive cybersecurity plan. By simulating a real-world attack, a penetration test can help identify vulnerabilities and weaknesses across systems, networks, and applications…
June 28, 2023
Security Bulletin
Sedara Security Bulletin: MOVEit Transfer
Summary: On May 31 2023, the vendor Progress Software released a security advisory about its product, MOVEit Transfer managed file transfer (MFT) software. MOVEit has been used by thousands of…
June 4, 2023
Security Bulletin
Sedara Security Bulletin: PaperCut Software Vulnerabilities
Summary: PaperCut is enterprise software used for print and file management. They recently published two vulnerability reports for high-severity security issues in their PaperCut MF/NG products. The most severe vulnerability…
May 1, 2023
Articles
Microsoft 365 Security Series – Using Azure Active Directory to secure your Microsoft 365 Installation
What’s the difference between Azure AD and Microsoft 365? Microsoft 365 (formerly Office 365) is a Software-as-a-Service (SaaS) that offers a cloud-based version of its popular software productivity suite, including…
April 19, 2023
Security Bulletin
Sedara Security Bulletin: Microsoft Outlook Elevation of Privilege Vulnerability
Summary: Recently, Microsoft discovered a vulnerability in Microsoft Outlook for Windows. The vulnerability lets a remote, unauthenticated attacker to steal a victim’s NTLMv2 hash by sending a specially crafted email…
March 16, 2023
Articles
How Microsoft 365 – E5 Can Help Protect Your Organization Against Phishing Attacks
Microsoft 365 E5 is an enterprise cloud-based suite of Microsoft Office productivity apps combined with advanced voice, analytics, security, and compliance services. It is an upgrade over lower tiers E1…
March 8, 2023