Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

CVE-2024-6387 - Shields Up Against RegreSSHion

On July 1st, the Qualys security team announced CVE-2024-6387, a remotely exploitable vulnerability in the OpenSSH server. This critical vulnerability is nicknamed “regreSSHion” because the root cause is an accidental removal of code that fixed a much earlier vulnerability, CVE-2006-5051, back in 2006. The race condition affects the default configuration of sshd (the daemon program for SSH).

Application Layer DDoS Attack - What it is, Types & Mitigation

An application layer DDoS attack, also known as a Layer 7 (L7) DDoS attack, targets the application layer of the OSI model. This type of DDoS attack focuses on disrupting specific functions or features of a website or online service. Layer 7 attacks leverage loopholes, vulnerabilities, or business logic flaws in the application layer to orchestrate the attacks. Here are the key characteristics and methods: Examples of L7 attacks are Slowloris, GET/POST Floods, etc.

The Kubernetes gap in CNAPP - exploring why many CNAPPs have a Kubernetes gap

A guest post by James Berthoty, founder of Latio. CSPMs and CNAPP have a major gap, and unfortunately, it drives the majority of your cloud that actually matters (Kubernetes). To be frank, most CNAPPs were created around two things: Even the early players in the space who recognized the value of containerization found themselves too ahead of the market to support the giant funding opportunities present from their competition, who were focused on easily scanning every cloud workload that could exist.

Follow the Crypto Part 1: Why Fraud Teams Should Investigate Crypto Transactions

Nowadays, cryptocurrency is a buzzword in society. It’s mostly seen as a high-risk investment or associated with fast profit-making schemes. Despite this, its adoption has surged in recent years, and according to crypto.com, the number of cryptocurrency holders has now hit 580 million. Unfortunately, not all of them hold it for legitimate reasons. We are at a juncture where criminals have the knowledge, services, and tools to channel their illicit profits through cryptocurrencies.

CVE-2024-6387 OpenSSH RCE vulnerability ("regreSSHion") - Cato Networks impact and analysis

TL;DR – Multiple versions of OpenSSH are vulnerable to remote code execution. There is no working public PoC, and researchers have only been able to exploit the vulnerability under unique lab conditions. Cato Sockets by default do NOT have a publicly exposed SSH interface. It is always recommended to keep the Cato Sockets' LAN interface exposed only internally and use comprehensive network access controls to manage SSH access.