Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Understanding CVE-2024-47176: Mitigating CUPS Vulnerabilities

The Common UNIX Printing System (CUPS) is a widely used printing system on Unix-like operating systems, but recent vulnerabilities have exposed significant risks. The most critical is CVE-2024-47176, which affects the cups-browsed service by binding to the IP address INADDR_ANY:631. This configuration flaw causes it to trust all incoming packets, leading to potential remote code execution when interacting with malicious printers. This vulnerability is part of a chain of exploits, including.

Part 2: Why Threat Intelligence Sharing Is Essential for Scalable Security Operations Today

Cybersecurity in 2024 has seen a shift toward open, collaborative intelligence sharing across industries. This shift is promising but not yet complete; significant gaps remain in intelligence sharing, especially following cyber incidents. Victim organizations are often hesitant to share attack details due to fears of reputational damage and stigmatization.

75% of Organizations Have Experienced a Deepfake-Related Attack

As generative AI evolves and becomes a mainstream part of cyber attacks, new data reveals that deepfakes are leading the way. Deepfake technology has been around for a number of years, but the AI boom has sparked new attacks, campaigns, and players all trying to use the impersonation technology to rob victims of their credentials, personal details or money. We recently covered multiple deepfake campaigns all perpetrated by a single individual that reached a global level.

Crooks are Sending Halloween-Themed Phishing Emails

Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender. “Bitdefender’s telemetry indicates a sharp rise in Halloween-themed spam throughout September and October,” the researchers write. “However, Halloween-themed spam rose 18% percentage points between 1-16 October 2024, compared to the entire month of September.

Emerging Threat: FortiJump (CVE-2024-47575)

CVE-2024-47575, also known as FortiJump, is a critical (9.8) missing authentication vulnerability affecting critical functions in FortiManager and FortiManager Cloud versions. Threat researcher Kevin Beaumont published a blog post on October 22nd, 2024 identifying this vulnerability as a zero day. This vulnerability is separate from CVE-2024-23113, which also affects FortiGate devices.

CrowdStrike Research Challenges Containerized Application Predictability Assumptions

Cloud workloads — and containers in particular — are often seen as immutable entities with predictable behavior. But recent CrowdStrike research suggests that some cloud security solutions rely too much on this premise, leading to suboptimal detection outcomes. CrowdStrike observes billions of container events each day. The data we collect gives us insights into real-world cloud workload behavior, which challenges these assumptions.

What Is a Black Hat Hacker?

A black hat hacker is a cybercriminal who accesses your computer systems and network without your knowledge to steal data, disrupt systems and extort money. Black hat hackers try to take advantage of an organization’s security vulnerabilities to gain unauthorized access to software, systems and networks. Once they gain access to an organization’s data, black hat hackers may hold the data for ransom or sell it to other businesses or cybercriminals.

How To Stop Spam Emails

To stop receiving most spam emails, you can report them, block spam email addresses, make a burner email account and remove third-party account access. Spam emails are unwanted messages sent to many people, usually to advertise an item or service. According to Statista, approximately 46% of email traffic as of December 2023 could be classified as spam.