Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition analyses cyberattacks related to the Israel-Palestine conflict, global DNS probing by a Chinese threat actor, and a significant data leak involving the New York Times.

On February 19, 2024, ConnectWise published a security bulletin detailing two critical vulnerabilities within their on-premises ScreenConnect software, stating that the vulnerabilities have the potential to result in remote code execution (RCE). ScreenConnect is a widely utilized Remote Monitoring and Management (RMM) tool that has been leveraged by threat actors in the past, often in connection with ransomware attacks.

Jump to Tutorial As of June 30, 2024, CentOS 7 will reach its end of life (EOL). That means it will no longer receive updates, bug fixes, critical security patches, or any new features. It is very important to migrate to a supported operating system to maintain the functionality and security of your systems. AlmaLinux is a reliable alternative to CentoOS. It’s a community-driven enterprise distribution that is binary compatible with Red Hat Enterprise Linux (RHEL).

In our increasingly digital world, USB drives remain a convenient way to transport and store data. However, the use of these devices in corporate networks introduces several security concerns. This blog post will cover USB security best practices to equip you with the knowledge to safeguard your company’s valuable information against the security risks of removable media devices such as flash drives.

SQL Agent proxies are a form of built-in service that allows the schedule and running of automated tasks within SQL Server. These tasks can perform various actions related to database management. The msdb database is a crucial system database in Microsoft SQL Server which primarily serves SQL server agents. These databases store information related to SQL Agent jobs, including their configuration, execution history, vital system tables and data.

Passwords are the digital keys to our lives. They unlock everything from our most sensitive financial data to our personal communications and cherished memories. For online businesses, they are a safety net that allows customers to transact business and make purchases with apparent security. Yet, for all their importance, passwords remain a glaring weak point in online security. Consider this: 81% of data breaches hinge on compromised passwords.

It’s an API talking to the API world we’re living in. As per Postman, 500 million new APIs are expected to be created by 2025. APIs are a lifesaver when it comes to automation or integration. But when it comes to the security of these APIs, things can get a little tricky. OWASP API Top 10 gives insights on top vulnerabilities exploited in APIs.