Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When we carry out an assessment of an organization’s attack surface, it’s often SSL (Secure Sockets Layer) misconfigurations (and other encryption-related issues) that get the worst average scores. Research has estimated that 95% of applications have some kind of misconfiguration or vulnerability. These issues are often overlooked, but they shouldn’t be – their visibility to attackers make them an attack route that’s likely to be exploited.

Risk-based vulnerability management (RBVM) is an approach that focuses on prioritizing vulnerability remediation based on risk. RBVM prioritizes remediating vulnerabilities that pose the greatest risk to an organization. While some organizations depend solely on independent scoring methodologies like CVSS or EPSS, effective RBVM takes into consideration the business criticality of assets and ties in threat intelligence to make prioritization decisions.

Adopting proactive security against firmware vulnerabilities is more critical than ever. A vulnerability survey from Ponemon Institute showed that 60% of data breaches result from unpatched vulnerabilities, highlighting how delays in firmware patch deployment can severely weaken an organization’s defenses. Firmware supports key devices like routers, switches, and firewalls, and when compromised, can grant attackers persistent access to critical systems.

International cooperation has become crucial to disrupt the operations of malicious cybercrime actors. A prime example of this is ‘Operation Magnus’ which has showcased the effectiveness of global collaboration in tackling sophisticated threats. By dismantling their infrastructure and exposing key players, Operation Magnus not only delivered a significant blow to cybercriminals but also sent shockwaves throughout underground forums and dark web communities.

JFrog’s security research team continuously monitors open-source software registries, proactively identifying and addressing potential malware and vulnerability threats to foster a secure and reliable ecosystem for open-source software development and deployment.

On November 1, 2024, details of a critical vulnerability affecting Synology NAS devices, which had been patched a few days earlier, were publicly disclosed. This vulnerability, tracked as CVE-2024-10443 is classified as a zero-click flaw, meaning no user interaction is required for exploitation. The issue originates from the SynologyPhotos application, which comes pre-installed and enabled by default on Synology’s BeeStation storage devices and is also widely used among DiskStation users.

Most, if not all, of us in the software development space have benefitted from community-driven projects at some point. We’ve tapped into open source libraries, searched for advice on Reddit, and posted our seemingly unsolvable questions on Stack Overflow. But you might be missing out on a community project that especially excites me. It’s the Web Almanac, a collaborative report that provides tons of valuable insights into how people build and use the web.

On 24 September 2024, the security researchers at Astra discovered a critical broken access control vulnerability in the Class Committee Management System, an open-source project. The web-based system allows users to manage files, schedule meetings, generate reports, and access other management features. A broken access control vulnerability occurs when the application does not enforce proper permissions and restrictions.

More transactions, less vigilant consumers, and countless digital impersonators ready to exploit them – for scam-targeted industries and cyber teams, the holiday season is a full-spectrum stress test. Those who pass with flying colors have likely adopted key reinforcements that adapt posture for the era of off-the-shelf social engineering scams assisted by AI. Those that don’t are likely still reliant on outdated solutions and customer education.