Companies depend on Tines to protect their business through mission-critical automation workflows. Since the earliest versions of Tines, we’ve enabled users to put humans in the loop through forms and prompts. Workflows pause until a person completes an action via an email or messenger prompt. But these features felt limited, with the need for additional human interactions to take place elsewhere creating time-consuming friction.

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

Cybercrime isn’t unique to certain sectors or industries. But some areas are more at risk, like local governments and municipalities. It makes sense, governments not only hold a lot of personal and valuable information on their systems, but government entities are interconnected and critical to the operations of a given area — from police forces to court hearings to basic administration and document processing. It’s a high– value target for hackers.

On Tuesday, January 24th, 2023, VMware disclosed two critical vulnerabilities in VMware vRealize Log Insight that could result in remote code execution (RCE). Although different vulnerability types, both vulnerabilities could allow an unauthenticated threat actor to inject files into the operating system of the vulnerable product which could result in RCE. Both vulnerabilities were responsibly disclosed to VMware and have not been actively exploited in campaigns.

The new Black Duck SCA release offers enhancements to help organizations to better understand the potential risks in their software supply chain. Black Duck® software composition analysis (SCA) started the new year off strong and got a running start on its resolution to better help teams secure their software supply chain at the speed of modern software development. Let’s look at some of the highlights of the 2023.1.0 release.

A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where - if convicted - he could face up to 116 years in prison. Sebastien Raoult, a French national, was arrested at Rabat international airport in Morocco on May 31 2022, while trying to take a flight to Brussels.

Websites are central to business operations but are also the target of various cyber-attacks. Malicious hackers have found several ways to compromise websites, with the most common attack vector being SQL injection: the act of injecting malicious SQL code to gain unauthorized access to the server hosting the website. Once on the server, the hacker can compromise the target organization's website, and vandalize it by replacing the original content with content of their own choosing.

The January 2022 International Committee of the Red Cross (ICRC) data breach was caused by an unpatched critical vulnerability in the Single Signe-In tool developed by Zoho, a business software development company. After exploiting the vulnerability (tracked as CVE-2021-40539), the cybercriminals deployed offensive security tools to help gain access to ICRC's contact database, resulting in the compromise of more than 515,000 globally.

The Kasya ransomware attack occurred through the exploitation of CVE 2021-30116, an authentication bypass vulnerability within Kaseya VSA servers. This allowed the hackers to circumvent authentication controls and executive commands via SQL injection, giving them all the control they needed to deploy their ransomware payload and encrypt a segment of Kaseya's internal data.

On September 28th it was disclosed by GTSC that there was a possible new zero day being abused in the wild beginning in early August. Although this campaign looked very similar to the previously abused vulnerability in Microsoft Exchange, dubbed ProxyShell at the time, comprising 3 CVEs (CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207) that when combined enabled an adversary to gain remote access to an Exchange PowerShell session that may be abused.