Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2024-3393 is a high severity (CVSS v4.0 score 8.7) Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. This vulnerability allows unauthenticated attackers to send malicious packets through the data plane of the firewall. This forces the firewall to reboot. Repeated attempts can force the firewall into maintenance mode, requiring security teams to manually reset the firewall and significantly disrupting operations.

In Continuous Threat Exposure Management (CTEM), risk assessment acts as the central thread that ties all components together, turning raw threat intelligence, vulnerability detection, and external attack surface monitoring into actionable mitigation strategies.

The External Attack Surface Management (EASM) domain is rapidly growing in importance for businesses across the globe. Organizations must strive to understand the true scope of their attack surface as seen through the eyes of a potential hacker. This is a foundational step in any risk program that CISOs are implementing.

In today’s rapidly evolving threat landscape, traditional reactive security approaches are no longer sufficient. This reality led Gartner to introduce Continuous Threat Exposure Management (CTEM) to shift organizations’ mindset from reactive firefighting to proactive threat management through five critical phases: This structured approach revolutionizes how organizations secure their cloud environments. But to succeed, CTEM demands specialized tools designed for modern cloud complexities.

CVE-2024-53677 is a critical (9.5) remote code execution (RCE) vulnerability affecting Apache Struts, an open-source framework for building Java-based web apps. This vulnerability affects the framework’s file upload logic, allowing attackers to enable paths traversal and perform remote code execution using malicious files.

CVE-2024-52875 is an HTTP Response Splitting vulnerability in Kerio Control. This flaw allows an attacker to inject malicious input into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters. Such manipulation can cause the server to send multiple HTTP responses instead of one, leading to various attacks.

Attack surface management (ASM) is becoming a vital tool for any organization that utilizes digital assets or is undergoing digital transformation. Whether it’s web applications, IoT devices, or endpoint entry points, every digital asset escalates an attack surface in complexity and size.

If you are like many CISOs, you feel pressure to increase the value of your security testing budget. And if you are one of the 53% of enterprises reporting stagnant or decreasing budgets in 2024, you have even more work cut out for you. Increasing testing value requires a re-evaluation of nearly everything. Tackle tool sprawl. Optimize workflows. Reduce false positives. Review cloud spend. All while demonstrating ROI even in the absence of incidents. This post is about ways to reach these goals.

The rapid expansion of the digital landscape adds increasing complexity to cybersecurity, especially for enterprises that could have up to 100,000 vendors in their supply chain. Addressing these challenges requires implementing an Attack Surface Management (ASM) strategy tailored to enterprise businesses' unique risk profiles. This post outlines the importance of ASM for enterprises and offers a strategy for ensuring its effective implementation.

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.