Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Indusface Threat Coverage: MOVEit Transfer SQL Injection Vulnerabilities

Progress has recently raised concerns about multiple vulnerabilities in their MOVEit Transfer secure managed file transfer solution. These vulnerabilities have been publicly disclosed within the past several weeks, and the most recent one was reported on June 15, 2023. Notably, the latest vulnerability is claimed to be a zero-day SQL injection vulnerability. If exploited by an attacker, these vulnerabilities can lead to unauthorized access to the MOVEit Transfer database.

SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation

New disclosures regarding the widespread exploitation of CVE-2023-34362, a new vulnerability affecting the MOVEit file transfer software, and the Cl0p ransomware group’s claim of responsibility for its widespread exploitation and the resulting data theft, have continued in the weeks since the vulnerability’s original publication.

MOVEit Supply Chain Attack Campaign Update

In the past two weeks, three new vulnerabilities in the the MOVEit file transfer software have been discovered, including one over the weekend. The MOVEit file transfer software is used by around 1700 organizations worldwide. As in most cases when supply chain modules are being compromised, the impact is lethal as big companies such as the BBC and Zellis have been targeted.

AI vs. Hackers: How Artificial Intelligence is Changing the Game in Cybersecurity

Artificial Intelligence (AI) has been used in every field today and become more and more prevalent. AI analyzes and trains large amounts of data. Furthermore, AI creates data patterns and makes correlations between them. The important thing about creating data patterns is that AI can use these data patterns and correlations for future cases.

Continuous scanning in your production environment is more important than ever

Whether external or internal-facing, your business undoubtedly runs on web applications… which makes continuous scanning your ally. Most likely, your business runs on web applications. Whether they’re external-facing corporate websites with customer portals and shopping carts, internal-facing SSO login pages, HR portals, or team sites, they run on web apps.

The SecurityManager is getting removed in Java: What that means for you

The Java Development Kit (JDK) library's java.security package is one of the most important packages, yet despite consistent updates, it remains vastly underutilized. In light of the increased emphasis on cybersecurity frameworks, including zero trust, it's imperative for Java developers to become familiar with Java SE's security libraries. As with any other field in information technology, cybersecurity has a capricious nature. After all, it has to keep up with the latest trends in cybercrime.

A Guide to Handling the MOVEit Attack

Last week, a vulnerability in the popular MOVEit managed file transfer service was exploited by the CL0P ransomware gang to execute data breaches – an increasingly common cybersecurity attack technique where popular software is exploited to target, by extension, their users. Victims of this hack include British Airways, Boots, BBC, and multiple US government agencies.

ICS attack classifications: differentiating between Cyberwarfare, Cyberterrorism, & Hacktivism

Every news article about a threat group or attack floods the reader with classifications: nation-state groups, hacktivists, cyberterrorists, etc. But how can we define who is what? How can we differentiate between said categories? How should we deal with potential classification overlaps? Especially in the ever-evolving cyberwarfare realm, how can we approach these closely rooted phenomena?