A new series of vulnerabilities in the Common Unix Printing System (CUPS) threatens numerous Linux systems, potentially allowing remote code execution (RCE). This affects a wide range of platforms, including Debian, Red Hat, SUSE and macOS. The vulnerabilities—tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177—are believed to endanger over 76,000 devices, with estimates suggesting up to 300,000 could be affected.

A zero-day flaw in MOVEit software exposed the data of 66.4 million individuals, revealing businesses are increasingly vulnerable to cyberattacks. Applications, which manage sensitive data, are prime targets for these threats. Compliance regulations recognize the risks and establish guidelines aimed at ensuring applications meet data protection, privacy, and overall security. PCI DSS v4.0 for example introduces 64 new requirements including strict security measures to protect public-facing applications.

A high severity OS command injection vulnerability, CVE-2024-8190, has been found in Ivanti Cloud Services Appliance (CSA) versions 4.6 Patch 518 and earlier. This flaw allows attackers with admin access to remotely execute malicious commands, potentially taking full control of the system. Ivanti has already released updates, but this command injection vulnerability is actively exploited in the wild, making immediate action critical.

The State of Application Security report shows that over 2.37 billion attacks were blocked on AppTrana WAAP from April 1, 2024, to June 30, 2024. Attacks targeting vulnerabilities surged by 1,200% in Q2 2024 compared to last year, an alarming fact. This sharp rise highlights that vulnerabilities are the prime target. Moreover, they are now easily exploitable thanks to readily available scripts on known vulnerabilities. This could be because of rapid adoption of AI and LLM models even among hackers.

A critical security flaw has been discovered in SPIP, a popular open-source content management system (CMS). This flaw, identified as CVE-2024-8517, stems from a command injection issue in the BigUp plugin. The vulnerability allows attackers to execute arbitrary OS commands remotely and without authentication, simply by sending a malicious multipart file upload HTTP request. This blog will explore the details of this vulnerability, its potential impacts, and the essential steps for mitigation.

Websites rely heavily on client-side code to deliver interactive user experiences. Unlike server-side code, which is protected within an organization’s infrastructure, client-side code runs in the user’s browser and is exposed to various risks such as data theft and JS injection. Recognizing the unique challenges of securing client-side code, OWASP has created a dedicated Top 10 list for client-side security risks.

All it takes is a single unpatched vulnerability to breach security and gain access to a company’s mission-critical assets. Effective vulnerability management is essential for strong cybersecurity. Vulnerability scans play a key role in this process, offering a clear view of the entire IT infrastructure and identifying existing vulnerabilities. How many times should we run scans? Are we scanning often enough? These are the questions we often get.

Formjacking is a cyberattack where attackers inject malicious JavaScript code into webpages containing form fields, usually on login pages or payment forms. The objective is to steal sensitive information, such as credit card details, passwords, and other personal data, directly from users as they enter it into the compromised forms. Formjacking attack occurs entirely on the client side—within the user’s browser—making it particularly challenging to detect.

Magecart attacks are a form of digital skimming that targets insecure websites to steal payment information. These attacks involve injecting malicious JavaScript code into e-commerce websites to steal sensitive information such as credit card details during the checkout process. The term “Magecart” originates from the attackers’ initial focus on Magento, a popular e-commerce platform, though their methods have since expanded to target various other platforms.

A Web Application Firewall (WAF) is your first line of defense against internet traffic that can be both legitimate and malicious. It helps protect your web applications, websites, and servers from various cyber-attacks by filtering out harmful traffic. WAF (WAAP) is essential for web security as it quickly identifies and addresses vulnerabilities in applications and servers.