Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

CVE-2024-24919: Zero-Day Vulnerability Detected in Check Point Products

Note: This vulnerability remains under active exploitation, and Kroll experts are investigating. If further details are uncovered by our team, updates will be made to the Kroll Cyber Risk blog. A critical zero-day vulnerability, being tracked as CVE-2024-24919, has been discovered and patched in a number of Check Point products. This vulnerability has a CVSS score of 8.6 assigned by Check Point and is actively being exploited in the wild with proof of concept (POC) exploits available.

8 Reasons to Conduct Regular Vulnerability Scans

Vulnerability scanning is a critical component of any robust Offensive Security strategy. When combined with penetration testing and Red Team exercises, they can serve as an early warning system to identify potential security weaknesses and provide an organization with the breathing room needed to implement changes before they are discovered and exploited.

5 tips for adopting AI code assistance securely

There’s been a lot of excitement around generative AI technology over the past few years, especially in software development. Developers of all levels are turning to AI tools, such as GitHub Copilot, Amazon CodeWhisperer, and OpenAI’s ChatGPT, to support their coding efforts. In fact, GitHub found that 92% of developers use AI coding tools. However, many businesses are realizing that they need to be more cautious when using AI in software development.

CVE-2024-24919 - Check Point Quantum Gateway

CVE-2024-24919 is a critical security vulnerability identified in Check Point Quantum Security Gateway, a widely used network security appliance. This vulnerability allows attackers to exploit the gateway, leading to the exposure of sensitive information. As a zero-day exploit, it presents significant risks to organizations relying on Check Point for their network security.

AI Threat Scenario, GuLoader, DarkGate, MirrorBlast, Kutaki Stealer and More - Hacker's Playbook Threat Coverage Round-up: May 2024

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats, including a newly created scenario that leverages AI Generated malware. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

CVE-2024-24919: Information Disclosure Vulnerability Leveraged to Target Check Point VPNs

On May 27, 2024, Check Point released hot fixes for an information disclosure vulnerability being leveraged by threat actors to target Check Point VPNs. This vulnerability was labeled as CVE-2024-24919 and is rated as high severity, as a remote threat actor can exploit the vulnerability to access information on Gateways connected to the Internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled.

Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks

On May 28, 2024, Okta disclosed that the cross-origin authentication feature in Customer Identity Cloud (CIC) is being targeted by credential-stuffing attacks. These attacks involve threat actors using large lists of stolen usernames and passwords to gain unauthorized access to online services. Suspicious activity has been observed starting from April 15, prompting Okta to notify affected customers and provide guidance to mitigate the issue.

How to track down your expired domain names before hackers do

What happens when your organization’s domain name expires or changes? Expired domains don’t simply disappear, and they can even become attack routes into your organization. Recent news out of Belgium has highlighted the potential danger, with hundreds of expired domain names and email addresses of government services being found available for purchase online.

CyRC Vulnerability Advisory: CVE-2024-5185 Data Poisoning Vulnerability in EmbedAI Application

The Synopsys Cybersecurity Research Center (CyRC) has exposed a data poisoning vulnerability in the EmbedAI application. EmbedAI allows users to interact with documents by utilizing the capabilities of large language models (LLMs). This vulnerability could result in an application becoming compromised, leading to unauthorized entries or data poisoning attacks.

10 modern Node.js runtime features to start using in 2024

The server-side JavaScript runtime scene has been packed with innovations, such as Bun making strides with compatible Node.js APIs and the Node.js runtime featuring a rich standard library and runtime capabilities. As we enter into 2024, this article is a good opportunity to stay abreast of the latest features and functionalities offered by the Node.js runtime.