Types of Cyberattack, Specific Risks and How to Mitigate those Risks
Please note that the list of cyberattack types is distributed by the Canadian Centre for Cyber Security and the means to mitigate is provided by third parties. This information is not meant to be exhaustive and Skyway West is not responsible for omissions or mistakes.
What is the Broadcom VMware Time-of-Check, Time-of-Use (TOCTOU) Vulnerability (CVE-2025-22224), what is the risk and how can you mitigate that risk?
What is it? Broadcom VMware is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. VMware (ESXi and Workstation) has a flaw that allows a skilled attacker to take control of the host/physical server. Why is it a risk? An ...
What are the Broadcom VMware Deleted Admin Group (CVE-2024-37085) and DDoS (CVE-2024-37086, CVE-2024-37087) Vulnerabilities, what is the risk and how can you mitigate that risk?
What is it? Broadcom VMware is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. VMware (ESXi and vCenter Server) has flaws that allow one user to gain access to all other users by recreating a deleted admin ...
What is the Zimbra Collaboration Suite (ZCS) web mail Vulnerability (CVE-2025-68645), what is the risk and how can you mitigate that risk?
What is it? Zimbra Collaboration Suite (ZCS) includes a web mail client written in PHP. A vulnerability exists in the way that files are loaded remotely. Why is it a risk? An attacker can read files on your server or inject PHP logic into mail processing. The Red Hot Cyber link below provides more details. This is considered a ...
What is the Simple Service Discovery Protocol (SSDP) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Simple Service Discovery Protocol (SSDP) is used to discover what devices (and their capabilities) are available in a local area network. It is the basis of Universal Plug and Play (UPnP) devices like printers and scanners but it also helps locate network resources. SSDP uses port 1900. Attackers can exploit SSDP ...
What is the MeshCentral Command and Control (C&C, or C2) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? MeshCentral is an open-source remote administration tool that provides remote control, hardware and software inventory, system monitoring, and background management including remote terminal and file management. While extremely useful, these remote control features have attracted a number of attackers. Collectively, these threats are known as Command and Control (C&C or C2) attacks. Why is it a ...
What is the Broadcom VMware Memory Management Vulnerability (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239), what is the risk and how can you mitigate that risk?
What is it? Broadcom VMware is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. Several versions of VMware (ESXi, Workstation, Fusion and Tools) have various memory management problems. Specifically: Integer Overflow (41236), Integer Underflow (41237), Heap ...
What is the ConnectWise ScreenConnect Vulnerability (CVE-2025-14265), what is the risk and how can you mitigate that risk?
What is it? ConnectWise ScreenConnect provides remote support (remote control) to help you support your staff. Remote Control software is naturally an attractive target for cyber attackers. ConnectWise ScreenConnect 25.7 and prior are affected by a bug in the server-side validation and integrity checking system. This bug allows the installation of untrusted or arbitrary extensions. Why is it ...
What is the CentreStack and TrioFox file sharing Vulnerability (CVE-2025-11371), what is the risk and how can you mitigate that risk?
What is it? Gladinet CentreStack and TrioFox are parts of a file sharing service that does not rely on a traditional VPN (Virtual Private Network). There is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. You can learn more about the threat at the Huntress link below. Why is it a risk? By accessing ...
What is the Cisco Secure Firewall Vulnerability (CVE-2025-20333, CVE-2025-20362 and CVE-2025-10363), what is the risk and how can you mitigate that risk?
What is it? Cisco provides VPN firewall software (Cisco Secure Firewall). Three components of this product: Adaptive Security Appliance (ASA), Firewall Management Center (FMC) and Firewall Threat Defence (FTD) contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code on an affected server. Why is it a risk? This is a CRITICAL vulnerability. This vulnerability is currently ...
What is the HTTP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? HyperText Transfer Protocol (HTTP) is the protocol used to transfer web pages. It is the “language” that an HTTP Server speaks and a Web Browser understands. HTTP does not include any security measures. HyperText Transfer Protocol Secure (HTTPS) is exactly the same protocol, but with security added. All communications between the server and the ...
What is the Basic Access Authentication Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Basic Access Authentication is used by web browsers to allow users to login using HTTP (HyperText Transfer Protocol) with a username and password. This is done by combining username and password separated by a colon and then encoding the result in base 64 (printable characters). By default, the username and password are not encrypted. The ...
What is the Exposed CWMP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? CPE WAN Management Protocol (CWMP, also known as TR-069) allows a remote computer to manage broadband routers, VoIP phones, etc. If Universal Plug and Play (UPnP) is supported and configured, CWMP can be used to manage devices inside the local area network. By default, CWMP uses ports 7547-7550. A Man in The Middle (MiTM) ...
