IT professionals are the people who Make Work Happen™ throughout their organization — so it’s important they have the right tools at their fingertips. We believe that the best tools are those that can adapt to meet their needs as they evolve. This ethos drives the continual investment in the JumpCloud platform based on regular user input and feedback. As we’ve collected and acted upon customer feedback over the last couple of years, the JumpCloud platform has grown significantly.

On April 14, 2024, Palo Alto Networks (PAN) released hotfixes to address the maximum severity (CVSS: 10) vulnerability, CVE-2024-3400, affecting the GlobalProtect Feature of PAN-OS. An unauthenticated remote threat actor can exploit this vulnerability to execute arbitrary code with root privileges on the firewall. Volexity identified CVE-2024-3400 as a zero-day vulnerability and found that the threat actor UTA0218 was implanting a custom Python backdoor on firewall devices.

As information security professionals, you play a crucial role in using the term “indicators of compromise” (IOC) to describe any malicious activity that may suggest a computer system has been compromised. Your expertise in identifying IoCs can help quickly determine when an attack has occurred and identify the perpetrators. Your insights can also help determine the extent and severity of an attack and aid in an incident’s forensic analysis.

Network infrastructures in many industries today are challenged by a surge of connected devices, especially as IoTs and BYODs are increasingly popular. The complexity and granularity of managing IP address assignments pose a considerable challenge. Traditional methods of network management often fall short in providing a granular understanding of the devices in use.

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester Council is another real life cybercrime added to a growing list of attacks in the UK.

Threat actors looking to maximize the amount of money they can make and chaos they can cause have once again chosen the supply chain as their target of attack. On Thursday, April 11, the Cybersecurity & Infrastructure Agency (CISA) warned customers of Sisense, a company that provides data analytics services to thousands of international companies, that they should reset their credentials for Sisense services and look out for suspicious activity involving their services.

Cybersecurity is vital in today’s fast-paced digital world, where keeping your private information safe is as crucial as the technology itself. Proxies are key players in this arena, not just for the tech-savvy but for everyone online. They work quietly behind the scenes, rerouting your internet traffic to keep your activities private, speed up your browsing, and even unlock content that’s out of reach due to geographic restrictions.

The International Monetary Fund (IMF) has warned that severe cyber attacks against financial institutions could lead to major bank runs and market selloffs. While this hasn’t happened yet, the IMF has observed these effects on a smaller scale after a cyber attack hits a bank.

The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines.