Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Ruby affected by CVE-2024-45409

CVE-2024-45409 is a critical vulnerability in the Ruby-SAML (affecting versions up to 12.2 and from 1.13.0 to 1.16.0) and OmniAuth SAML libraries. It hence effectively poses a security risk for unpatched versions of GitLab (read more on the GitLab blog). This vulnerability arises from improper verification of the SAML Response signature. An attacker with access to any signed SAML document can forge a SAML Response or Assertion with arbitrary contents.

How to Create New Active Directory Users with PowerShell

Tools like ADUC and ADAC enable Sysadmins to create a new user in an Active Directory quite easily, but they has certain limitations when it comes to bulk user creation. PowerShell is a powerful and flexible tool for creating Active Directory accounts, and much more at scale. This blog reviews the process to create a new Active Directory user with PowerShell cmdlet New-ADUser. We’ll cover the top use cases for this cmdlet and provides its full syntax so you can explore it further.

How to Rename Files in PowerShell with Rename-Item

The Rename-Item cmdlet in PowerShell can be used to change the name of an item. This item can be a file, directory, or any object in a path. The cmdlet can also be used to rename items both locally and in a network environment. Users can also perform batch renaming operations, integrate renaming tasks into scripts for automation, and even manage complex renaming requirements with the help of wildcard characters and regular expressions.

Every transaction tells a story: Protecting HPE NonStop ecosystems against AI-driven cyber threats

In a world where digital transformation is accelerating, the stakes for safeguarding critical infrastructure, government systems, and financial services have never been higher. These sectors are increasingly targeted by sophisticated payment fraud schemes and AI-powered cyberattacks, leaving them under immense pressure to shield their customers from threats.

Managed security service providers should stay skeptical

It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed. Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help.

Privileged Access Management Use Cases

There are several use cases for a Privileged Access Management (PAM) solution, including secure remote access, credential management and least-privilege access enforcement. PAM helps organizations manage the access of authorized accounts to highly sensitive data, including IT departments, HR or staff who handle payroll systems. Continue reading to learn more about the different use cases for PAM and why you should choose KeeperPAM as your PAM solution.

Edge Device Botnet Compromise

A recent joint threat advisory from the FBI, CNMF, NSA (18 September 2024), highlights the extent of Chinese-affiliated threat actors’ ongoing botnet campaigns which seek to compromise thousands of internet-connected edge devices over a sustained period. This campaign, known as Oriole, is just one of several such active campaigns observed since 2020. JUMPSEC observations indicate that law enforcement has not yet disrupted the botnet, and indicators of compromise (IOCs) are likely ongoing.

Cato CTRL Threat Research: ProKYC Selling Deepfake Tool for Account Fraud Attacks

Cato CTRL security researchers have recently discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground that helps threat actors beat two-factor authentication (2FA) for conducting account fraud attacks. The tool being sold is customized to target cryptocurrency exchanges—specifically ones that authenticate new users leveraging a government-issued document and by enabling the computer’s camera to perform facial recognition.

The Rise and fall of Raccoon Infostealer: Inside a Global Cybercrime Operation

In the ever-evolving landscape of cybercrime, malware-as-a-service (MaaS) has emerged as a lucrative business for cybercriminals. One of the most notorious examples is Raccoon Infostealer, malware designed to harvest personal and financial information from unsuspecting victims worldwide. The mastermind behind this operation, a Ukrainian national named Mark Sokolovsky, recently pleaded guilty in a U.S. federal court to his role in the cybercrime network.

Protecting Your Business from Data Breaches and Cybercrime

In today’s digital age, companies across various sectors are increasingly vulnerable to cyber attacks. Among the most alarming tactics cybercriminals use is leveraging stolen data to launch targeted attacks on businesses. With this data in hand, attackers can craft sophisticated schemes to exploit vulnerabilities and cause serious harm to companies. Let's dive into the methods cybercriminals employ using stolen data and how it affects businesses like yours.