Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Security Week 2024 wrap up

The next 12 months have the potential to reshape the global political landscape with elections occurring in more than 80 nations, in 2024, while new technologies, such as AI, capture our imagination and pose new security challenges. Against this backdrop, the role of CISOs has never been more important. Grant Bourzikas, Cloudflare’s Chief Security Officer, shared his views on what the biggest challenges currently facing the security industry are in the Security Week opening blog.

Incident readiness is crucial for state and local governments

Local governments in the United States faced a surge in cyber threats during the latter half of 2023, with over 160 cybersecurity incidents impacting the State, Local, and Education (SLED) sectors. Alarming statistics reveal that many of these incidents were ransomware attacks (45%) and data breaches (37%). As custodians of vast amounts of personal and private information, local governments are entrusted with safeguarding sensitive data against evolving cyber threats.

JetBrains TeamCity Vulnerabilities (CVE-2024-27198 and CVE-2024-27199) Exploited

Two critical vulnerabilities have been discovered and patched in TeamCity, a build management and continuous integration server from JetBrains. These vulnerabilities are being tracked as CVE-2024-27198 and CVE-2024-27199 and impact all TeamCity On-Premises versions through 2023.11.3. They are reportedly being actively exploited as of March 6, 2024, with a fix is available in version 2023.11.4, which was released Monday, March 4.

2024-27198 and CVE-2024-27199: Authentication Bypass RCE Vulnerabilities Affecting On-Premises Servers of TeamCity

On March 3, 2024, JetBrains published a blog post describing two authentication bypass vulnerabilities affecting the On-Premises Servers of TeamCity. An unauthenticated threat actor with HTTP(S) access to a TeamCity Server can exploit these vulnerabilities to bypass authentication and gain administrative control of a TeamCity Server. CVE-2024-27198 (CVSS 9.8): Alternative path issue in the web component of TeamCity that can lead to remote code execution (RCE). CVE-2024-27199 (CVSS 7.3)

CVE-2024-0692: High Severity Remote Code Execution Vulnerability Affecting SolarWinds Security Event Manager

On March 1, 2024, SolarWinds published a security advisory reporting that SolarWinds Security Event Manager (SEM) is vulnerable to a high severity vulnerability that allows an unauthenticated threat actor to achieve remote code execution (RCE), CVE-2024-0692. The vulnerability lies in the configuration of the AMF deserialization endpoints. Exploitation can occur due to insufficient validation of user-provided data, allowing untrusted data to be deserialized.

Nightfall expands its platform to meet modern enterprise DLP challenges

Legacy data leak prevention (DLP) solutions are failing. Simply put, they weren’t built for business environments rooted in SaaS apps and generative AI (GenAI) tools. Meanwhile, security threats are evolving at a breakneck pace, with as many as 95% of enterprises experiencing multiple breaches a year. New attack surfaces are unfurling at a rapid rate following the switch to hybrid and cloud-based workspaces.

Secure data is superior data: A security-first approach to the DoD Data Strategy

The US Department of Defense (DoD) has vast reserves of data, and the key to warfighter advantage is leveraging relevant data as a strategic asset to gain battlespace operational advantage, accelerating operational multi-domain decision-making at echelon scale.

The rise of ChatGPT & GenAI and what it means for cybersecurity

The rise of ChatGPT and Generative AI has swept the world by storm. It has left no stone unturned and has strong implications for cybersecurity and SecOps. The big reason for this is that cybercriminals now use GenAI to increase the potency and frequency of their attacks on organizations. To cope with this, security teams naturally need to adapt and are looking for ways to leverage AI to counter these attacks in a similar fashion.

Unveiling CPS 234 Challenges: Insights from APRA's Cyber Security Stocktake

Australia has seen several high profile cyber incidents in 2023 and has seen significant loss of customer data (Canva’s 139 million customers, Latitude’s 7.9 million customers HWL Ebsworth’s 65 government agencies, 2.5 million documents). According to the OAIC Notifiable Data Breaches Report: January to June 2023, the top 3 sectors in that period to report data breaches are Health Service Providers (65 notifications), Finance incl.