In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign.

Before we start this blog post, let’s acknowledge that the only way to secure your environment from any vulnerability is to update the vulnerable hardware or software with patches that the author or the project community releases. Every other form of mitigation is only a way to provide an extended time for critical applications that cannot be updated immediately.

Software development moves fast, and many application security teams struggle to keep up. More sophisticated agile, DevOps, and cloud practices, along with the growing use of AI, mean more agility for development teams. However, these innovations are a challenge for security teams, as they must move at this same speed in order to secure applications effectively. Application security posture management (ASPM) directly responds to these emerging challenges.

Published in 2023, the OWASP Top 10 for LLM Applications is a monumental effort made possible by a large number of experts in the fields of AI, cybersecurity, cloud technology, and beyond. OWASP contributors came up with over 40 distinct threats and then voted and refined their list down to the ten most important vulnerabilities.

On March 29, 2024, a security researcher disclosed the discovery of malicious code in the most recent versions of XZ Utils data compression tools and libraries. The code contained a backdoor, which a remote threat actor can leverage to break sshd authentication (the service for SSH access) and gain unauthorized access to the system, potentially leading to Remote Code Execution (RCE).

Developer teams worldwide are increasingly leveraging AI to accelerate the speed of software development. However, AI-generated code can bypass protocols from the security team, so developers may not be evaluating the code as often as they should. Snyk works alongside today’s modern development teams with the goal of harnessing the many benefits of AI-assisted coding, while also providing full trust that the code is secure.

SecurityScorecard STRIKE threat researchers discovered 12 zero-days in customer environments in the last year. Attacks are increasingly targeting third-party software. The zero-day vulnerability that emerged in Progress Software’s MOVEit Transfer product last year was a stark reminder of the real-world impact of such vulnerabilities. It wreaked havoc on businesses and governments worldwide, with cyber criminals exploiting it since May of 2023.