Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

Snyk

Why a solid DevOps foundation is vital for effective DevSecOps

Nov 27, 2024 By Ben Desjardins In Snyk
As DevOps adoption has grown, organizations are pushing code into production faster than ever. However, the fast pace of DevOps has led many developers to view security as a bottleneck or afterthought, which means security teams need a new approach to keep up.
Read Post
Trustwave

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

Nov 27, 2024 By Pauline Bolaños In Trustwave
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.
Read Post
Snyk

Measuring AppSec success: Key KPIs that demonstrate value

Nov 26, 2024 By Daniel Berman In Snyk
In the software development industry, proactively securing the software development life cycle (SDLC) from cyber threats must always be a top priority. Taking a shift left approach addresses security early on so your development teams can spend more time innovating and less on dealing with vulnerabilities. But that’s just the beginning.
Read Post
securitysenses

How to Enhance Secure Access to Screen Displays for Remote Workers

Nov 26, 2024 By SecuritySenses In SecuritySenses
Remote work is the new normal, and while it is flexible, it can easily introduce security risks. Protecting sensitive information on screen displays is crucial. With employees working from different locations, it's easier than ever to be exposed to threats. Hackers, unauthorized access, and accidental data sharing are just a few concerns. That's why secure access to screen displays is more important than ever. Let's explore how you can strengthen security for remote workers.
Read Post

How API Vulnerabilities Expose Millions of Records in Just Minutes! #DataLeak #DataBreach

Nov 25, 2024 By Wallarm In Wallarm
APIs are crucial for data flow, but they also open doors for rapid data breaches if security isn't real-time. In this video, we analyze how an API vulnerability led to a 250 million user data leak in just minutes. Learn why fast data flow in APIs requires immediate, real-time protection to prevent major damage. This case also highlights the often-overlooked importance of client-side security in API protection, especially as APIs are increasingly used in mobile apps and browsers. Discover essential insights to safeguard APIs from potential attacks.
View Video
aikido

Path Traversal in 2024 - The year unpacked

Nov 23, 2024 By Mackenzie Jackson In Aikido
Path traversal, also known as directory traversal, occurs when a malicious user manipulates user-supplied data to gain unauthorized access to files and directories. Typically the attacker will be trying to access logs and credentials that are in different directories. Path traversal is not a new vulnerability and has been actively exploited since the 90s when web servers gained popularity, many relied on Common Gateway Interface (CGI) scripts to execute dynamic server-side content.
Read Post
safeaeon

Vulnerability Management as a Service: What Businesses Need to Know

Nov 22, 2024 By SafeAeon Inc. In SafeAeon
Cyber threats are at an all-time high because the digital world is rapidly changing so quickly. Every day, new vulnerabilities are found in security systems. Attacks threaten businesses of all sizes by stealing data, disrupting operations, and damaging reputations. It has become clear that Vulnerability Management as a Service (VMaaS) is the best way for companies to protect their digital assets without having to manage security systems themselves.
Read Post
aikido

Command injection in 2024 unpacked

Nov 22, 2024 By Mackenzie Jackson In Aikido
Command injection is a vulnerability still very prevalent in web applications despite being less famous than its cousins SQL injection or Code injection. If you’re familiar with other injection vulnerabilities, you’ll recognize the common principle: untrusted user input is not properly validated, leading to the execution of arbitrary system commands. This flaw occurs when unvalidated input is passed to system-level functions. So how prominent is command injection actually?
Read Post
splunk

CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)

Nov 22, 2024 By Michael Haag In Splunk
The e-commerce world was recently shaken by the discovery of a vulnerability in Adobe Commerce and Magento, two of the most widely used e-commerce platforms. Dubbed "CosmicSting" and designated as CVE-2024-34102, this vulnerability exposes millions of online stores to potential remote code execution and data exfiltration risks.
Read Post
Arctic Wolf

Arctic Wolf Observes Threat Campaign Targeting Palo Alto Networks Firewall Devices

Nov 22, 2024 By Julian Tuin, Stefan Hostetler, Jon Grimm, Aaron Diaz, and Trevor Daher In Arctic Wolf
On November 18, 2024, Palo Alto Networks disclosed the existence of two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in Palo Alto Networks OS (PAN-OS), the operating system used on their firewall devices. A day later, watchTowr released a report providing technical details on how to chain the two vulnerabilities together to achieve remote code execution of these vulnerabilities.
Read Post
centripetal

Security Bulletin: PAN-OS Authentication Bypass and Privilege Escalation Vulnerabilities

Nov 22, 2024 By Lauren Farrell In Centripetal
On November 19, 2024, Palo Alto Networks disclosed two critical vulnerabilities in its PAN-OS software, CVE-2024-0012 an Authentication Bypas, and CVE-2024-9474 a Privilege Escalation. These vulnerabilities enable attackers to gain unauthorized administrative access and escalate privileges to root level. Exploitation of these vulnerabilities, observed in the wild, has been attributed to a targeted campaign dubbed Operation Lunar Peek.
Read Post
outpost 24

Threat Context monthly: Executive intelligence briefing for November 2024

Nov 22, 2024 By KrakenLabs In Outpost 24
Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from November.
Read Post
nucleus

Nucleus Ranked No. 85 Among Deloitte's 500 Fastest Growing Companies in North America

Nov 21, 2024 By Steve Carter In Nucleus
We’ve had a lot to celebrate at Nucleus this year, with today’s news being the being one of our most significant achievements of the year. Speaking for the whole company, we are proud to have been named to the Deloitte Technology Fast 500, a ranking of the 500 fastest growing technology companies in North America for 2024, and for the recognition of our 1,562% growth over the past three years.
Read Post
cycognito

Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474

Nov 20, 2024 By Emma Zaballos In CyCognito
On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.
Read Post
ionix

Exploitable! CVE-2024-0012 Authentication Bypass for PAN-OS

Nov 20, 2024 By Nethanel Gelernter In IONIX
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges and perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474.
Read Post
Arctic Wolf

Follow-Up: Arctic Wolf Observes Ongoing Exploitation of Critical Palo Alto Networks Vulnerability CVE-2024-0012 Chained with CVE-2024-9474

Nov 20, 2024 By Andres Ramos In Arctic Wolf
On November 19, 2024, Arctic Wolf began observing active exploitation of the recently-disclosed CVE-2024-0012 and CVE-2024-9474 vulnerabilities impacting Palo Alto Networks PAN-OS software. When chained together, these vulnerabilities allow an unauthenticated threat actor with network access to the management web interface to gain administrator privileges.
Read Post
signmycode

What is Blind XSS? How to Detect and Prevent Blind XSS Attacks & Vulnerabilities?

Nov 19, 2024 By SignMyCode In SignMyCode
Blind Cross-Site Scripting is a type of Cross-Site Scripting attack in which the injected script is executed in the context of another page and different circumstances compared to the page in which it was inserted. Blind XSS differs from regular XSS attacks as the attacker cannot see the effect of the injected script in his or her browser since the script is executed in a place that the attacker can not access.
Read Post
outpost 24

Five strategies for uncovering vulnerabilities in web applications

Nov 19, 2024 By Thomas Stacey In Outpost 24
I’ve been working as an Application Security Auditor in Oupost24’s web application security testing team for almost three years now. Our team have shared several pieces of research over the past year, on topics including cross-site request forgery, cross-site scripting attacks, and weaponizing permissive Cross-Origin Resource Sharing (CORS) configurations.
Read Post
Trustwave

Managed Vulnerability Scanning: Key Findings and the Importance of Regular Patching

Nov 19, 2024 By Mary Eduel Neyra In Trustwave
There is no doubt about the value of conducting Managed Vulnerability Scanning. Trustwave has posted multiple blogs on the topic, (just check here, here, and here) for a look at how Trustwave approaches this very important cybersecurity procedure. One point we have not covered is exactly what kind of vulnerabilities Trustwave SpiderLabs’ analysts find during a scan. Are they truly dangerous? What would happen if the client had opted to give a pass to an MVS occurrence?
Read Post
Snyk

How to prioritize vulnerabilities based on risk

Nov 19, 2024 By Daniel Berman In Snyk
When it comes to vulnerability management, many security teams opt for a simple strategy that involves tracking the number of vulnerabilities. Counting vulnerabilities produces a straightforward metric that can be monitored and reported, making it easy to compare an organization’s security posture to peers or industry benchmarks. It's also useful for compliance purposes, as some standards require reporting the number of discovered vulnerabilities.
Read Post
indusface

CVE-2024-9264 - Grafana's SQL Expressions Vulnerability

Nov 19, 2024 By Vivek Chanchal In Indusface
A critical vulnerability, CVE-2024-9264, has been discovered in Grafana, the open-source analytics and visualization platform widely used by organizations worldwide. According to Netlas.io, over 100,000 Grafana instances may be vulnerable globally, with nearly 19,000 in the U.S. alone. This vulnerability poses significant risks, enabling remote code execution (RCE), allowing attackers to execute arbitrary system commands and access sensitive files.
Read Post
outpost 24

How to increase cyber resilience

Nov 18, 2024 By Stijn Vande Casteele In Outpost 24
Making your organization’s attack surface lean and agile improves your cyber resilience and demotivates bad actors. The first step to avoid cyber attacks is to get your attack surface in order. The Sweepatic External Attack Surface Management (EASM) Platform is built to help you with building cyber resilience. It lists, structures and prioritizes observations by criticality. 67%
Read Post
detectify

How our new engine framework helped address the critical CUPS vulnerability within the day

Nov 18, 2024 By Dan Eidmark & André Schaffer In Detectify
When a critical vulnerability in the printing system CUPS started raising alarms among security teams, Detectify had already entered war-room mode to address the situation. Within the day, customers could test whether they were vulnerable thanks to the rollout of a new scanning engine framework that reinvents how Detectify operates under the hood, allowing for a faster and more efficient response to security threats.
Read Post
Arctic Wolf

Follow-Up: Critical Authentication Bypass Vulnerability in Palo Alto Networks Firewalls Actively Exploited (CVE-2024-0012)

Nov 18, 2024 By Andres Ramos In Arctic Wolf
On November 18, 2024, Palo Alto Networks (PAN) released updated information on an actively exploited vulnerability impacting PAN-OS, the operating system that powers PAN firewalls. Originally disclosed last week as a remote command execution vulnerability, this flaw has now been reclassified as an authentication bypass flaw and assigned CVE-2024-0012.
Read Post
jfrog

CVE-2024-10524 Wget Zero Day Vulnerability

Nov 18, 2024 By Goni Golan In JFrog
While researching CVE-2024-38428 in GNU’s Wget, our team found a new 0-day vulnerability. The vulnerability, later assigned CVE-2024-10524, may lead to various types of attacks – including phishing, SSRF, and MiTM. These attacks can have severe consequences such as resource restriction bypass and sensitive information exposure. Upon discovering this vulnerability, our team responsibly disclosed it to the Wget maintainers. A patch was released on November 11 and is included in Wget 1.25.0.
Read Post
centripetal

Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467)

Nov 18, 2024 By Lauren Farrell In Centripetal
On November 14, 2024, Palo Alto Networks disclosed five critical vulnerabilities in its Expedition configuration migration tool, a solution designed to simplify the migration of firewall configurations from third-party vendors to Palo Alto Networks’ PAN-OS infrastructure. These vulnerabilities—tracked as CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, and CVE-2024-9467—expose users to risks such as unauthorized access, data leakage, and system compromise.
Read Post

2023 Top Routinely Exploited Vulnerabilities | Threat SnapShot

Nov 15, 2024 By SnapAttack In SnapAttack
On November 12, 2024, a joint cybersecurity advisory was released by agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom. This advisory highlights the **top routinely exploited vulnerabilities of 2023**, offering insights into persistent threats and the measures organizations can take to protect themselves.
View Video
Arctic Wolf

Critical Unauthenticated Remote Command Execution Vulnerability in Palo Alto Networks Firewalls Actively Exploited

Nov 15, 2024 By Andres Ramos In Arctic Wolf
On November 14, 2024, Palo Alto Networks (PAN) revealed that a critical unauthenticated remote command execution vulnerability is being actively exploited against internet-exposed firewall management interfaces. According to their security advisory, Prisma Access and Cloud NGFW are not impacted by this issue. A CVE has not yet been assigned to the vulnerability.
Read Post
securitysenses

7 Tips to Achieve SOC 2 Compliance Faster

Nov 15, 2024 By Christian Khoury In SecuritySenses
I'm going to show you how to achieve SOC 2 compliance faster than you thought possible. You'll learn exactly how to streamline your compliance process, so you can secure that critical SOC 2 report in record time - without the usual headaches. No more wasting months buried in documentation, or worrying that your controls won't meet the auditor's standards. You'll avoid costly delays and prevent unnecessary stress as you move through the audit process.
Read Post
Snyk

Understanding command injection vulnerabilities in Go

Nov 14, 2024 By Liran Tal In Snyk
Go developers might need to use system commands for various scenarios, such as image manipulation, where they need to process or resize images or execute system commands to manage resources or gather metrics or logs. At other times, perhaps you are building a new system in Go that needs to interface with existing legacy systems. This interface leans on executing system commands and processing their output.
Read Post
nucleus

Understand How Internet Exposure Impacts Vulnerability Management and Cyber Risk

Nov 14, 2024 By Aaron Unterberger In Nucleus
As organizations continue to embrace digital transformation, their infrastructure increasingly spans cloud environments, third-party integrations, and remote work setups. This shift enhances efficiency and productivity—but also broadens the digital attack surface, creating new points of exposure to the public internet.
Read Post
Trustwave

Top Database Security Tools for Enhanced Vulnerability Assessment and Compliance

Nov 14, 2024 By Trustwave In Trustwave
Let’s take a look at how traditional vulnerability assessment (VA) tools compare to those built specifically to assess database security. General vulnerability assessment tools have been in use for more than 25 years, so the technology is mature. However, there are significant differences in the tools available and their specific purposes regarding database security management. Many VA solutions on the market offer general vulnerability assessments, focusing on a wide range of IT assets.
Read Post
Snyk

Snyk named a Customer Favorite in The Forrester Wave: Software Composition Analysis Software, Q4 2024 Report

Nov 13, 2024 By Peter McKay In Snyk
Snyk is proud to announce that our developer security platform has been recognized as a Leader in The Forrester Wave: Software Composition Analysis (SCA) Software, Q4 2024 report. In this evaluation, we were one of just three Leaders and were named a Customer Favorite.
Read Post

Exploitation Walkthrough: ESC15/EKUwu with Justin Bollinger from TrustedSec

Nov 13, 2024 By LimaCharlie In LimaCharlie
Justin Bollinger, Principal Security Consultant at TrustedSec, discussed his research and mitigation guidance on ADCS ESC15 (CVE-2024-49019), also known as EKUwu, a vulnerability in Microsoft's Active Directory Certificate Services.
View Video
indusface

OWASP Top 10 Vulnerabilities in 2021: How to Mitigate Them?

Nov 13, 2024 By Vinugayathri Chinnasamy In Indusface
The OWASP Top 10 is a research-based document that raises awareness among developers, organizations, and security professionals on the most critical security risks facing web applications. The latest is the OWASP Top 10 vulnerabilities 2021, released in September 2021 after a 4-year gap. In this article, the OWASP Top 10 vulnerabilities 2021 are explained in detail, along with ways to mitigate each.
Read Post
ionix

CVE-2024-8068 and CVE-2024-8069: Citrix Session Recording Vulnerability

Nov 13, 2024 By Nethanel Gelernter In IONIX
Two Citrix vulnerabilities (CVE-2024-8068 and CVE-2024-8069) can potentially lead to unauthenticated remote code execution. Note: according to the vendor, privilege escalation to NetworkService Account access in Citrix Session Recording and limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording is possible when an attacker is an authenticated user in the same intranet.
Read Post
astra

Stored XSS Vulnerability in bodi0's Easy Cache Plugin

Nov 12, 2024 By Prateek Kuber In Astra
Product Name: bodi0’s Easy Cache Vulnerability: Stored XSS Vulnerable Version: Will be disclosed soon CVE: Will be disclosed soon On September 16, 2024, the team of pentesters at Astra Security found a stored Cross-Site Scripting or XSS in bodi0’s Easy Cache plugin. It is a plugin designed for WordPress that helps optimize the caching functionality, thus allowing enhanced page loading and reducing the server load.
Read Post
foresiet

Inside the MOVEit Breach: How Cl0p and Nam3L3ss Expose Organizations to Ongoing Cyber Threats

Nov 12, 2024 By Foresiet In Foresiet
In 2023, a critical vulnerability in MOVEit Transfer software (CVE-2023-34362) was weaponized by the Cl0p ransomware group, leading to a substantial leak of sensitive employee data from major global corporations. The flaw in MOVEit allowed attackers to bypass authentication and access secure files, resulting in a far-reaching data breach that impacted various sectors including finance, healthcare, government, and retail. Vulnerability Details and Affected Software Nam3L3ss: Profiling Cl0p Ransomware Data.
Read Post
Snyk

Extending Developer Security with Dev-First Dynamic Testing

Nov 12, 2024 By Manoj Nair In Snyk
Today, we announced the exciting news that Snyk has acquired Probely, a fast-growing modern provider of API Security Testing and Dynamic Application Security Testing (DAST). With this addition, Snyk now offers a full range of development and application security solutions, with customers immediately benefiting from a broader range of developer friendly testing techniques.
Read Post
Snyk

How ASPM boosts visibility to manage application risk

Nov 12, 2024 By Daniel Berman In Snyk
How often are you surprised by a threat or vulnerability from a software asset you never knew existed? For many companies, the answer is, “More often than we’d like.” This is because you can’t protect what you can’t see. Full visibility across the entire software supply chain is a must for AppSec teams, but this comprehensive view across the attack surface can be elusive.
Read Post
ionix

Understanding CVE-2024-50340 - Remote Access to Symfony Profiler

Nov 12, 2024 By Nethanel Gelernter In IONIX
According to security researcher nol_tech CVE-2024–50340 is a critical vulnerability (CVSS: 7.3) affecting Symfony applications when the PHP directive register_argc_argv is enabled. By appending ?+--env=dev to a URL, attackers can force the application into the dev environment, granting remote access to the Symfony profiler. This exposure can lead to the leaking of sensitive information and potentially executing arbitrary code.
Read Post
manageengine

Active Directory security: Exploiting certificate services

Nov 11, 2024 By AD360 In ManageEngine
Active Directory (AD) is crucial for an organization’s identity and access management strategy, but its complex architecture is also a prime zone for overlooked vulnerabilities. One such feature that’s often overlooked is Active Directory Certificate Services (ADCS). Active Directory Certificate Services ADCS is a service that provides a robust solution for managing digital certificates in a Windows Server environment. It leverages AD to manage certificates in a domain environment.
Read Post
lookout

Mastering the Mobile Vulnerability Management Process

Nov 8, 2024 By Lookout In Lookout
Smartphones and tablets can be invaluable tools in the workplace. They can also be tempting targets for cyber threats. Mobile attacks are on the rise, and outdated operating systems and misconfigured devices only exacerbate the issue. To protect your data, your users, and your organization’s digital integrity, you need a comprehensive mobile vulnerability management process.
Read Post
datadog

Protect your applications from zero-day attacks with Datadog Exploit Prevention

Nov 7, 2024 By Christophe Papazian In Datadog
Due to their numerous components and dependencies, web applications often have multiple vulnerabilities—many of them unknown and susceptible to zero-day attacks—that can be exploited by malicious HTTP requests. Determining whether a vulnerability exists is challenging without visibility into an application’s real-time data and event flows, which isn’t possible with existing firewall-based solutions.
Read Post
Arctic Wolf

CVE-2024-42509, CVE-2024-47460: Critical RCE Vulnerabilities Impacting HPE Aruba Networking Access Points

Nov 7, 2024 By Andres Ramos In Arctic Wolf
On November 5, 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing two critical-severity vulnerabilities affecting Aruba Networks Access Points. These vulnerabilities, identified as CVE-2024-42509 and CVE-2024-47460, could allow unauthenticated command injection.
Read Post
Snyk

GitFlops: The Dangers of Terraform Automation Platforms

Nov 7, 2024 By Elliot Ward In Snyk
Terraform is today’s leading Infrastructure-as-Code platform, relied upon by organizations ranging from small startups to multinational corporations. It enables teams to declaratively manage their cloud or on-premises infrastructure, allowing them to provision or decommission infrastructure components simply, consistently, and with auditability.
Read Post
outpost 24

How to shield your attack surface from SSL misconfigurations

Nov 6, 2024 By Marcus White In Outpost 24
When we carry out an assessment of an organization’s attack surface, it’s often SSL (Secure Sockets Layer) misconfigurations (and other encryption-related issues) that get the worst average scores. Research has estimated that 95% of applications have some kind of misconfiguration or vulnerability. These issues are often overlooked, but they shouldn’t be – their visibility to attackers make them an attack route that’s likely to be exploited.
Read Post
nucleus

What Is Risk Based Vulnerability Management?

Nov 6, 2024 By Scott Kuffer In Nucleus
Risk-based vulnerability management (RBVM) is an approach that focuses on prioritizing vulnerability remediation based on risk. RBVM prioritizes remediating vulnerabilities that pose the greatest risk to an organization. While some organizations depend solely on independent scoring methodologies like CVSS or EPSS, effective RBVM takes into consideration the business criticality of assets and ties in threat intelligence to make prioritization decisions.
Read Post
manageengine

Detect and secure your network from firmware vulnerabilities using Network Configuration Manager

Nov 5, 2024 By General In ManageEngine
Adopting proactive security against firmware vulnerabilities is more critical than ever. A vulnerability survey from Ponemon Institute showed that 60% of data breaches result from unpatched vulnerabilities, highlighting how delays in firmware patch deployment can severely weaken an organization’s defenses. Firmware supports key devices like routers, switches, and firewalls, and when compromised, can grant attackers persistent access to critical systems.
Read Post
kondukto

Okta vulnerability explained (bcrypt auth bypass)

Nov 5, 2024 By Cenk Kalpakoğlu In Kondukto
Okta Bcrypt Authentication Bypass Explained Last week, on October 30th, Okta released an interesting security advisory detailing a vulnerability that could potentially lead to an authentication bypass. According to Okta, the vulnerability was discovered during an internal review and was promptly addressed. Okta was transparent about the issue, sharing the details publicly.
Read Post
outpost 24

Operation Magnus: Analyzing the cybercrime community reaction

Nov 5, 2024 By Lidia López Sanz In Outpost 24
International cooperation has become crucial to disrupt the operations of malicious cybercrime actors. A prime example of this is ‘Operation Magnus’ which has showcased the effectiveness of global collaboration in tackling sophisticated threats. By dismantling their infrastructure and exposing key players, Operation Magnus not only delivered a significant blow to cybercriminals but also sent shockwaves throughout underground forums and dark web communities.
Read Post
Arctic Wolf

CVE-2024-10443: Critical Zero-Click RCE Vulnerability Discovered in Synology NAS Devices

Nov 4, 2024 By Andres Ramos In Arctic Wolf
On November 1, 2024, details of a critical vulnerability affecting Synology NAS devices, which had been patched a few days earlier, were publicly disclosed. This vulnerability, tracked as CVE-2024-10443 is classified as a zero-click flaw, meaning no user interaction is required for exploitation. The issue originates from the SynologyPhotos application, which comes pre-installed and enabled by default on Synology’s BeeStation storage devices and is also widely used among DiskStation users.
Read Post
astra

Broken Access Control in Committee Management System

Nov 1, 2024 By Prateek Kuber In Astra
On 24 September 2024, the security researchers at Astra discovered a critical broken access control vulnerability in the Class Committee Management System, an open-source project. The web-based system allows users to manage files, schedule meetings, generate reports, and access other management features. A broken access control vulnerability occurs when the application does not enforce proper permissions and restrictions.
Read Post
memcyco

Holiday Scam Season: Turning Vulnerabilities into Long-Term Resilience

Nov 1, 2024 By Julian Agudelo In Memcyco
More transactions, less vigilant consumers, and countless digital impersonators ready to exploit them – for scam-targeted industries and cyber teams, the holiday season is a full-spectrum stress test. Those who pass with flying colors have likely adopted key reinforcements that adapt posture for the era of off-the-shelf social engineering scams assisted by AI. Those that don’t are likely still reliant on outdated solutions and customer education.
Read Post
Snyk

If you don't know about HTTP Archive's Web Almanac yet, you should!

Nov 1, 2024 By Brian Clark In Snyk
Most, if not all, of us in the software development space have benefitted from community-driven projects at some point. We’ve tapped into open source libraries, searched for advice on Reddit, and posted our seemingly unsolvable questions on Stack Overflow. But you might be missing out on a community project that especially excites me. It’s the Web Almanac, a collaborative report that provides tons of valuable insights into how people build and use the web.
Read Post
securitysenses

Critical Infrastructure Security: Preparing for Emerging Threats

Nov 1, 2024 By Muhammad Omar Khan In SecuritySenses
Critical infrastructure security can never be overstated in an era when cyberattacks increasingly target modern civilization's backbone. In the past few years, cyberattacks on power grids, transportation systems, and public utilities have highlighted how vulnerable our society is to disruption. A single breach can bring entire regions to a standstill, highlighting the fragility of our interconnected systems.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.