Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
A vulnerability affecting the Ghostscript suite of software has been discovered and publicly released [1]. Ghostscript is an open source software based on Adobe Systems' PostScript and is widely used across the Windows, Linux and Apple machines. If exploited the vulnerability could allow a remote, unauthenticated threat actor to run commands, create files and delete or extract data. The exploitation of this vulnerability has not been seen in the wild at this time, but proof of concept code has been released [2]. It is likely that more widespread exploitation attempts will be seen in the near future.
This attack is possible due to the implementation of the –dSAFER sandbox. The sandbox is meant to validate content but can be circumvented to allow malicious content through. The attack is carried out by sending a malformed file (PDF, PostScript, XPF or EPS); when the file reaches the Ghostcript interpreter it automatically executes and infects the host machine.
A potential short term fix for this vulnerability is to disable PS, EPS, PDF, and XPS coders. This is not recommended due to the high potential for business disruption. Due to the wide range of programs that rely on Ghostscript, this vulnerability should be taken seriously and patches should be applied as soon as vendors make them available.
References: