Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
A remote code execution vulnerability, designated CVE-2018-01121, has been discovered in three Cisco WebEx products. If security patches are not applied, a remote attacker may be able to execute malicious code on the machines of all individuals attending a WebEx meeting. The affected WebEx products fail to fully validate shared files, allowing the attacker to send and execute a malicious Adobe Flash (.swf) file. The eSentire Threat Intelligence team is not currently aware of any cases of CVE-2018-0112 being exploited in the wild.
For this attack to be successfully executed, an attacker would require access to an ongoing Cisco WebEx Meeting. The attacker could then send a malicious flash file to all meeting attendees’ machines via the meeting file transfer tool. The file can then be executed on attendees’ machines. There is no known solution to this issue outside of applying the latest Cisco patches.
For additional information on this vulnerability and the patching process, please see the Cisco WebEx release 2.