Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration (Mon, 14 Oct 2024)
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) as a zero-day to perform a series of malicious actions. That's according to
findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the
5 Steps to Boost Detection and Response in a Multi-Layered Cloud (Mon, 14 Oct 2024)
The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely
focused on "shift-left" practices—securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (Mon, 14 Oct 2024)
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply
chain attacks. "Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape," Checkmarx researchers
Yehuda
THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13) (Mon, 14 Oct 2024)
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone
rogue to the FBI playing crypto kingpin – it's full of stuff they don't 🤫 want you to know. So let's jump in before we get FOMO. ⚡ Threat of the Week GoldenJackal Hacks Air-Gapped Systems: Meet
Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (Mon, 14 Oct 2024)
Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been
tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0 on
the