The e-commerce world was recently shaken by the discovery of a vulnerability in Adobe Commerce and Magento, two of the most widely used e-commerce platforms. Dubbed "CosmicSting" and designated as CVE-2024-34102, this vulnerability exposes millions of online stores to potential remote code execution and data exfiltration risks.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from November.

In September 27, 2024, Okta disclosed a critical vulnerability affecting their Classic environment that created a concerning security gap in identity protection. The vulnerability, active since July 17, 2024, allowed attackers with valid credentials to bypass application-specific sign-on policies by simply modifying their user-agent string.

Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication between web browsers and servers. Many IP-based protocols such as HTTPS, SMTP, POP3, and FTP support TLS. Secure Sockets Layer (SSL), on the other hand, is a protocol used to establish an encrypted link between web browsers and servers. It uses symmetric cryptography to encrypt the data transmitted. Encryption keys are based on shared secret negotiation at the beginning of any communication session.

The holiday season brings joy, festivities, and amazing deals – but it also attracts cybercriminals looking to take advantage of eager shoppers. Here’s how to protect yourself while hunting for the perfect gifts.

As organizations deploy more AI-enabled systems across their networks, adversaries are taking note and using sophisticated new tactics, techniques and procedures (TTPs) against them. The need for continued innovation to fight these threats is paramount.

In this version of the Hacker’s Playbook Threat Coverage round-up, we highlight attack coverage for several new threats. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

Cyber threats are at an all-time high because the digital world is rapidly changing so quickly. Every day, new vulnerabilities are found in security systems. Attacks threaten businesses of all sizes by stealing data, disrupting operations, and damaging reputations. It has become clear that Vulnerability Management as a Service (VMaaS) is the best way for companies to protect their digital assets without having to manage security systems themselves.

The General Data Protection Regulation (GDPR) of the European Union and the California Privacy Rights Act (CPRA) represent landmark regulations designed to protect consumer data privacy. While GDPR became enforceable in May 2018, CPRA came into effect in January 2023, building on its predecessor, the California Consumer Privacy Act (CCPA). Both laws aim to empower individuals with greater control over their personal data while imposing rigorous obligations on businesses.

A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security. The attackers are using legitimate notifications from Dropbox to send phishing messages, asking recipients to view a document on Dropbox regarding annual salary increases and open enrollment elections.