Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Bad news for some Pixel owners this month – sorry to hear you might have an expensive paper weight now.

Atlassian recently disclosed a new critical vulnerability in its Confluence Server and Data Center product line, the CVE has a CVSS score of 10, and allows an unauthenticated attacker to gain Remote Code Execution (RCE) access on the vulnerable server. There is no workaround, the only solution being to upgrade to the latest patched versions.

On January 10th, 2024, Volexity reported that there is active exploitation in the wild against Ivanti Connect Secure (ICS) VPN devices. Ivanti and Volexity worked together to review impacted devices, and Volexity identified two different zero days, which have been assigned the following CVEs IDs.

You can avoid scams on Facebook Marketplace by only using secure methods of payment, looking at buyer and seller reviews, inspecting an item closely before purchasing it and only communicating through Messenger. While Facebook Marketplace is a great way to find clothes, furniture and other items at discounted prices, there comes the risk of being scammed on the platform, making it crucial to be extra cautious as both a buyer and a seller.

Cloud infrastructure is subject to a wide variety of international, federal, state and local security regulations. Organizations must comply with these regulations or face the consequences. Due to the dynamic nature of cloud environments, maintaining consistent compliance for regulatory standards such as CIS, NIST, PCI DSS and SOC 2 benchmarks can be difficult, especially for highly regulated industries running hybrid or multi-cloud infrastructures.

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA). “Spear phishing is still one of the most effective tools attackers have to breach networks,” the report says.

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months. “Attackers have developed tools to craft high quality large scale attacks that target the browser,” the researchers write. “Cybercrime tools, such as phish kits (PhaaS) and ransomware-as-a-service kits (RaaS), have simplified the process of launching sophisticated attacks.

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that recently breached Microsoft's email system. This disclosure comes just a week after Microsoft reported a similar intrusion, putting the spotlight back on this notorious hacking group.

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend will persist into 2024. I love it when vendors put out a yearly summary, and do it in the first month of the next year! The data is relevant and helps paint a picture of what the industry should expect in the near future. In Cyberint’s 2023 Ransomware Recap report, we find that ransomware had quite the year.

Users are becoming increasingly aware of where and how their information is shared, and their concerns regarding the need to keep that data private are growing in turn. Digitalization, rising daily averages for time spent on the Internet and connected devices, along with the ongoing proliferation of cyberattacks, have made individuals more cautious than ever when it comes to providing information online – and rightfully so.