Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Introducing The GitGuardian Secret Analyzer

Introducing The GitGuardian Secret Analyzer GitGuardian has always helped you find your leaked secrets, but now GitGuardian can also quickly reveal the permissions of your secrets. One of the first questions any security team needs to ask itself when a secret is leaked is "What exactly could an attacker do with it?" Does it grant read-only access or does it have permissions to write or delete data? At the same time, understanding the correct scope needed for replacing a credential can take a long time, as all too often, the permissions originally granted are poorly documented, if at all.

3 Critical things DoD Contractors Need to know about CUI for CMMC 2.0

CMMC assessments began on 16 December. If you handle CUI, here’s 3 things you need to know for CMMC The CMMC final rule change is now live. On 16 December, certified third-party assessment organizations (C3PAOs) officially began assessing DoD contractors. Given the wide disparity between the number of assessment teams (~100) and members of the Defense Industrial Base looking for certification (~100,000), DoD contractors need to ensure they are assessment-ready asap.

What is OAuth (Open Authorization)?

OAuth is an authorization protocol that grants third-party websites or applications limited access to a user’s information (like their email or photos) — without sharing their logon credentials. For example, suppose you want to sign up for an app to help you track your fitness goals. Through the power of OAuth, you may have the option to log in using your Google account rather than create a new account specific to the fitness application.

The Largest and Most Notorious Cyber Attacks in History

Cyber attacks are deliberate attempts to steal, alter, or destroy data or to disrupt operations and to damage the digital parts of a critical infrastructure. This blog post explores the most destructive major cyber attacks in history, detailing the underlying motives and impact, and then offers prevention and detection best practices.

CVE-2024-12356: Critical Severity Command Injection Vulnerability in BeyondTrust Remote Support (RS) & Privileged Remote Access (PRA)

On December 16, 2024, BeyondTrust published a security advisory outlining a vulnerability impacting their Remote Support (RS) and Privileged Remote Access (PRA) software. The flaw, CVE-2024-12356, is a critical severity command injection vulnerability. If successfully exploited it can allow an unauthenticated remote threat actor to execute underlying operating system commands within the context of the site user.

Arctic Wolf Observes Targeting of Publicly Exposed Fortinet Firewall Management Interfaces

Since early December 2024, Arctic Wolf has been monitoring threat activity involving the malicious use of management interfaces on FortiGate firewall devices on the public internet. While our investigation into this activity is ongoing and the scope is yet to be fully determined, organizations running these products should ensure that they are adhering to security best practices for management access of firewall devices.