Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat actors constantly improve their tactics and are always on the hunt for technical or social vulnerabilities they can exploit. The pandemic-induced Great Resignation, massive layoffs, continuous company restructuring, and upcoming holidays make this a very busy time of changes in the labor force. Due to this upheaval, employees are always on the lookout for any updates from their Human Resources (HR) department, as HR often sends updates or notifications via company-wide email.

In the dynamic landscape of cybersecurity, organizations face the ever-present risk of data breaches. This article provides a detailed exploration of data breaches, delving into their nuances, and offers comprehensive recovery strategies along with best practices. A data breach occurs when unauthorized threat actors gain access to sensitive information, jeopardizing data integrity and confidentiality.

In the rapidly evolving world of container orchestration, developers have come to rely on Kubernetes to manage containerized applications. However, as Kubernetes adoption increases among organizations, ensuring the security of Kubernetes environments becomes essential. One particularly significant aspect to consider is vulnerability prioritization. It’s essential to understand that chasing after the highest CVSS scoring vulnerabilities might not always align with real-world threats.

TA4557 targets recruiters via email, threat actors use OAuth apps to automate BEC and cryptomining attacks, and researchers discover Sandman APT’s connection to the China-based KEYPLUG backdoor.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. It could be said raising awareness is good as it motives complacent teams. That said, revelations that it was exaggerated might make teams more complacent in the future to react…

Read also: the US disrupts ALPHV/BlackCat operations, a NY engineer admits the hacks of two crypto exchanges, and more.

These statistics show that organizations struggled to maintain basic cybersecurity practices in 2023. But what can organizations do to improve their networks and help prevent attacks in 2024?

Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward online learning, which has posed a number of challenges to educators and administrators. Facilitating digital education presents a logistical maelstrom that many educational institutions are not prepared to handle.

On December 7th, 2023, the Apache Struts project disclosed a significant vulnerability, CVE-2023-50164, in its Struts 2 open-source web framework. Rated at a critical CVSS score of 9.8, this flaw resides within the framework’s file upload logic. Exploiting this vulnerability empowers attackers to manipulate upload parameters, potentially leading to arbitrary file upload and, under specific conditions, code execution.

This is part two in our series on building honeypots with Falco, vcluster, and other assorted open source tools. For the previous installment, see Building honeypots with vcluster and Falco: Episode I.