Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Improving Patch and Vulnerability Management with Proactive Security Analysis

Vulnerability management is the continuous process of identifying and addressing vulnerabilities in an organization’s IT infrastructure, while patch management is the process of accessing, testing, and installing patches that fix bugs or address known security vulnerabilities in software applications. Vulnerability management and patch management are crucial SecOps processes that protect IT assets against cyber threats and prevent unauthorized access to secure systems.

regreSSHion: RCE Vulnerability in OpenSSH Server (CVE-2024-6387)

A high-severity remote code execution (RCE) vulnerability has been found in OpenSSH’s server (CVE-2024-6387) by the research team of Qualys. This issue is especially concerning because it brings back a problem that was originally fixed in 2006, showing that one of the most popular secure software still has hidden bugs. This discovery follows another major vulnerability found in the XZ Utils library just a few months ago, highlighting ongoing security challenges.

CVE-2024-5655: Latest GitLab API Vulnerability Threatens Customer Data Exposure

A security flaw that impacts specific versions of GitLab's Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines under any user's credentials. GitLab is a web-based DevOps platform offering tools for software development, version control, and project management. Launched as an open-source project in 2011, it has become a powerful solution used globally by millions.

New MOVEit Bug Actively Exploited Within Hours of Public Disclosure

A high-severity security flaw in Progress Software's MOVEit Transfer platform is being exploited in the wild just hours after its disclosure. This vulnerability, identified as CVE-2024-5806, allows attackers to bypass authentication mechanisms and pose as any valid user, thereby gaining access to sensitive files.

Risks for Polyfill.io Users

Earlier this year, a Chinese company named Funnull acquired the polyfillio. Due to this acquisition, this code was used to redirect mobile visitors to scam sites. Over 100,000 websites using the previously popular Polyfill JS open-source project are vulnerable to attacks that redirect traffic to sports betting and pornography sites.

MOVEit Gateway and MOVEit Transfer Vulnerabilities

On June 25, 2024, Progress Software, the parent company of the MOVEit software suite, officially released details for two critical vulnerabilities identified in MOVEit Gateway and MOVEit Transfer, CVE-2024-5805 and CVE-2024-5806 respectively. MOVEit Transfer is a managed file transfer solution that supports the exchange of files and data between servers, systems and applications within and between organizations.

Unfurling Hemlock: New threat group uses cluster bomb campaign to distribute malware

While reviewing common TTPs in malware campaigns used last year Outpost24’s Cyber Threat Intelligence team, KrakenLabs, came across several reports and articles describing a novel infection technique being used to distribute various types of malware not necessarily related to each other. For example, this article analyzing Amadey and this one talking about Redline.