February 12 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers: Dive deeper.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Data Breach Outlook: Finance Surpasses Healthcare as Most Breached Industry in 2023
While businesses might have become more prepared for direct cyberattacks, 2023 demonstrated that unfortunately a business is only as secure as the organizations within their environment. Third-party risk, which is to say any risk to an organization by external parties in its ecosystem or supply chain, was the headline culprit in 2023.
February 5 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers: Dive deeper.
January 29 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers.
CVE-2024-0204: Authentication Bypass Vulnerability in Fortra GoAnywhere MFT
An authentication bypass vulnerability, tracked as CVE-2024-0204, was discovered in Fortra's GoAnywhere MFT versions prior to 7.4.1 and allows an unauthorized user to create an admin user via the administration portal. This vulnerability has a CVSS score of 9.8 with a high potential for exploitation, which we expect to see in the short term due to a proof of concept (PoC) being available. Fortra informed customers on December 4, 2023, of the flaw via an internal forum post.
January 22 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers.
Two Zero-Day Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway
Two vulnerabilities have been detected in in Citrix NetScaler ADC and NetScaler Gateway. These vulnerabilities are being tracked as CVE-2023-6549 and CVE-2023-6548 with CVSS scores of 8.2 and 5.5 respectively. They are under active exploitation, affecting the following product versions.
Open the DARKGATE - Brute Forcing DARKGATE Encodings
DARKGATE is Windows-based malware that is sold on the dark web. DARKGATE is a fully functional backdoor that can steal browser information, drop additional payloads, and steal keystrokes. Kroll previously noted DARKGATE’s distribution via Teams. When the DARKGATE payload runs on a victim system, it creates a randomly named folder within C:\ProgramData that contains encoded files. Within the randomly named folder is a short configuration file and the output of keystrokes logged on the system.
Two Critical Vulnerabilities Impacting GitLab Community Edition and Enterprise Edition
GitLab has addressed two critical vulnerabilities in the GitLab Community Edition and Enterprise Edition that require immediate attention.
How to Use: MITRE ATT&CK Detection Maturity Assessment Tool
Bharath Kashyap helped create a lightweight, programmatic approach to performing a maturity assessment using free MITRE tools (like ATT&CK framework, D3FEND, and MITRE Centre for Threat Informed Defense (CTID)) to provide a starting point for you to understand your organization’s coverage against the framework, identify areas for improvement and prioritize them for implementation. In this video, Bharath walks through a few ways to make the assessment tool work for your organization.