Vulnerabilities in Windows Graphics component allows for Remote Code Execution (CVE-2018-1010)

2018-04-11T23:02:53+00:00Categories: News and Updates|

Microsoft has released a critical security update patching five critical Vulnerabilities in the Font Library of the Microsoft Graphics component. The vulnerabilities affect all currently supported versions of Windows. Microsoft was able to develop and release patches before the vulnerabilities were publicly disclosed, and has released a notice addressing the following CVE's: CVE-2018-1010 CVE-2018-1012 CVE-2018-1013 CVE-2018-1015 CVE-2018-1016 The vulnerabilities exist [...]

Critical Remote Code Execution vulnerability in Cisco IOS, Cisco IOS-XE (CVE-2018-0171)

2018-04-06T15:32:36+00:00Categories: News and Updates|Tags: , |

A critical remote code execution vulnerability has been discovered in Cisco's Smart Install Client code. Remote attackers can leverage this vulnerability to execute arbitrary code without any authentication. This can also be used to create Denial of Service conditions. The vulnerability was initially presented at GeekPWN 2017 Hong-Kong May 13th, 2017, and was patched by [...]

Critical CPU Vulnerabilities Meltdown and Spectre Allow Access to Sensitive Data

2018-04-06T15:33:00+00:00Categories: News and Updates|

Spectre CVE-2017-5753 -- CVE-2017-5715 Meltdown CVE-2017-5754 What are Meltdown and Spectre? Meltdown and Spectre are a set of critical vulnerabilities found in the design of processors dating back to 1995. Both vulnerabilities were discovered independently and announced together to allow vendors to develop and distribute patches. Meltdown, the more serious of the two, allows an attacker [...]

Serious weakness discovered in WPA2 protocol used to secure all Wi-Fi networks

2017-10-16T20:50:00+00:00Categories: News and Updates, Threat Intel|

This blog post was written for rapid release. Please check back for further details and updates as it becomes available. A serious weakness in WPA2 was discovered and published this morning here, which allows an attacker within wireless range to exploit this weakness using a Key Reinstallation Attack (KRACKS). This discovery can be leveraged by potential attackers to capture encrypted [...]

ElevatedPrompt on Risk it podcast with Brayden York

2017-04-24T17:01:12+00:00Categories: News and Updates|

ElevatedPrompt's CEO, Jason Ng, is featured in this week's Risk it podcast with Brayden York. Discussion on cybersecurity and risk. http://www.baseportfolio.com/riskitpodcast/15-cyber-breaches-and-proactive-protection-with-jason-ng Cybersecurity awareness and visibility is a vital part of keeping your organizations secure. Find out how ElevatedPrompt can help your organization today.

Come by our booth March 13 & 14, 2017 at BSides Vancouver, a two-day, high-caliber gathering for information security professionals, hackers, coders and the greater tech community. link to https://bsidesvancouver.com/