On November 6, 2023, Veeam published security hotfixes for two critical-severity vulnerabilities impacting Veeam ONE. At this time, Arctic Wolf has not identified active exploitation of either vulnerability, nor a published proof of concept (PoC) exploit. Although threat actors have not historically targeted Veeam ONE products, obtaining RCE on the monitoring and analytics platform will likely increase the potential for threat actors to create a working PoC exploit and attempt exploitation.

Most cloud providers use a shared security responsibility model, meaning they secure some areas of the environment but expect the customer to establish security controls in others. AWS is one of the many cloud providers that follow the concept of shared responsibility. Generally speaking, they split responsibility into two categories. AWS focuses on the security of the cloud, such as the infrastructure that runs all AWS services.

In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This critical vulnerability was related to Improper Authorization and assigned CVE-2023-22518 identifier. In this blog, we delve into the details of these vulnerabilities, their implications, and the necessary mitigation steps to protect your digital assets.

This blog post series offers a gentle introduction to Rego, the policy language from the creators of the Open Policy Agent (OPA) engine. If you’re a beginner and want to get started with writing Rego policy as code, you’re in the right place. In this three-part series, we’ll go over the following: As a reminder, Rego is a declarative query language from the makers of the Open Policy Agent (OPA) framework.

Philadelphia, PA, November 9, 2023 – Leading cyber risk management and threat intelligence provider Outpost24 today announced the release of Threat Explorer, an advanced vulnerability intelligence and custom alerting tool for continuous threat monitoring.

On July 14, CISA published an industrial control system (ICS) advisory about two new critical vulnerabilities affecting Rockwell Automation ControlLogix communication modules: CVE-2023-3595 and CVE-2023-3596. CISA and Rockwell Automation recommended that asset owners patch vulnerable devices and add controls such as segmenting networks and using network intrusion detection.

SysAid on-premises software faces a zero-day vulnerability tracked as CVE-2023-47246. SysAid recommends that all customers immediately upgrade to version 23.3.36, which has a security patch for the path traversal vulnerability.

Modern applications are made up of more than first-party code and third-party dependencies. Even a single application links back to a vast ecosystem of cloud environments, containers, third-party base images, and automated container orchestration. Along with the ability to build applications faster, developers also need to secure code and associated dependencies, deployment configuration, and containers running in production.

In this blog post, we will highlight Snyk’s view on the new vulnerability scoring framework, CVSS 4.0, which was released on November 1, 2023.

At CrowdStrike, we’re on a mission to stop breaches. As adversaries weaponize vulnerabilities with increasing speed, organizations must accelerate their ability to identify security gaps and proactively manage their risk exposure before an adversary breaks in.