This guide for IT and security professionals shows how to detect that the CrowdStrike agent is installed and properly configured, using either vanilla osquery or 1Password Extended Access Management.

In emergency situations, 1Password Extended Access Management can get devices patched faster than MDM alone.

On February 28, 2024, our team of pentesters at Astra discovered a critical stored cross-site scripting (XSS) vulnerability in the Personal Management System by Volmarg. This web-based tool helps you create to-do lists, take notes, and manage files in a convenient dashboard.

A critical security flaw has been discovered in SPIP, a popular open-source content management system (CMS). This flaw, identified as CVE-2024-8517, stems from a command injection issue in the BigUp plugin. The vulnerability allows attackers to execute arbitrary OS commands remotely and without authentication, simply by sending a malicious multipart file upload HTTP request. This blog will explore the details of this vulnerability, its potential impacts, and the essential steps for mitigation.

The State of Application Security report shows that over 2.37 billion attacks were blocked on AppTrana WAAP from April 1, 2024, to June 30, 2024. Attacks targeting vulnerabilities surged by 1,200% in Q2 2024 compared to last year, an alarming fact. This sharp rise highlights that vulnerabilities are the prime target. Moreover, they are now easily exploitable thanks to readily available scripts on known vulnerabilities. This could be because of rapid adoption of AI and LLM models even among hackers.

Imagine if your fire alarm sensor went off every time you burned your toast or lit candles on a birthday cake. After a few false alarms, you’d probably start ignoring them or even turn your sensor off just to get some peace. This is what many information security teams are experiencing with vulnerability alerts.

Two significant pieces of European legislation stand out as cybersecurity regulations evolve: the Digital Operational Resilience Act (DORA) and the NIS 2 Directive. Both aim to enhance cybersecurity but target different sectors and have distinct objectives and requirements.

From the moment ChatGPT was released to the public, offensive actors started looking to use this new wealth of knowledge to further nefarious activities. Many of the controls we have become familiar with didn’t exist in its early stages. The ability to request malicious code or the process to execute an advanced attack was there for the asking from an open prompt. This proved that the models could provide adversarial recommendations and new attacks never before seen.

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction. “Unit 42 researchers observed many large-scale phishing campaigns in 2024 that used a refresh entry in the HTTP response header,” the researchers write. “From May-July we detected around 2,000 malicious URLs daily that were associated with campaigns of this type.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers the SuperShell malware targeting Linux SSH servers, an in-depth analysis of three Chinese-linked clusters responsible for cyberattacks in Southeast Asia, and CitrineSleet exploiting a zero-day Chromium vulnerability.