Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform

December 13, 2024 at 10:54AM Cybersecurity firm Claroty warns of vulnerabilities in the Reyee cloud management platform that could enable attackers to take control of 50,000 devices. Using device serial numbers, hackers can generate credentials, execute denial-of-service attacks, and potentially steal sensitive data. Ruijie has reportedly fixed all identified security issues. **Meeting Takeaways: Vulnerabilities in … Read more

Taming the multi-vault beast

December 13, 2024 at 04:11AM GitGuardian addresses the growing security concern of managing secrets across multiple vaults for Non-Human Identities (NHIs) in enterprises, which now outnumber human users 100 to one. Their new multi-vault integrations provide centralized visibility, automate detection, and streamline management, enhancing security and compliance while reducing operational costs. ### Meeting Takeaways: 1. … Read more

Sublime Snags $60M Series B for Email Security Tech

December 12, 2024 at 10:24AM Sublime Security, a D.C. startup offering email security solutions for Microsoft 365 and Google Workspace, has secured $60 million in funding, bringing total investments to $93.8 million. The company, gaining traction with major clients, provides AI-driven tools for threat detection and management, competing in the growing email security market. ### … Read more

Fortinet Acquires Perception Point Reportedly for $100 Million

December 12, 2024 at 10:10AM Fortinet announced the acquisition of Israeli security company Perception Point for approximately $100 million. Perception Point enhances Fortinet’s security offerings with advanced threat detection and cloud-native solutions for email and collaboration platforms. This marks Fortinet’s third acquisition in 2024, following Next DLP and Lacework. **Meeting Notes Takeaways:** 1. **Acquisition Announcement**: … Read more

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

December 12, 2024 at 09:51AM Cybersecurity researchers warn that numerous publicly accessible Prometheus servers are vulnerable to information leakage and attacks due to inadequate authentication. Sensitive data, including credentials, can be exposed, and denial-of-service attacks may occur via specific endpoints. Organizations should implement authentication, limit exposure, and monitor server activity to mitigate risks. **Meeting Takeaways … Read more

Snowflake Rolls Out Mandatory MFA Plan

December 11, 2024 at 08:46AM Snowflake will require all customers to enable multifactor authentication (MFA) by November 2025, following a three-phase policy change. After incidents of attacks on customers, this measure aims to enhance security, with guides available for migration. Failure to comply will result in access being blocked after specified deadlines. ### Meeting Takeaways: … Read more

Cybercrime Gangs Abscond With Thousands of AWS Credentials

December 10, 2024 at 11:21AM Cybercriminal gangs exploited public website vulnerabilities to steal AWS cloud credentials from numerous organizations, uncovered by researchers from CyberCyber Labs. The attackers, linked to groups Nemesis and ShinyHunters, misconfigured an AWS S3 bucket containing stolen data. AWS confirmed the incident was due to customer application flaws, not their systems. ### … Read more

Ongoing Phishing and Malware Campaigns in December 2024

December 10, 2024 at 05:12AM Cybersecurity threats are evolving, with ongoing zero-day attacks using corrupted files largely undetected, as seen in a recent analysis by ANY.RUN. Additionally, fileless malware and phishing tactics are on the rise. Utilizing advanced tools like ANY.RUN’s Interactive Sandbox helps organizations identify and analyze these threats effectively. ### Meeting Takeaways (Dec … Read more

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

December 9, 2024 at 11:20AM Security researchers report an ongoing massive online heist targeting AWS customers, exploiting public website misconfigurations to steal source codes, credentials, and secrets. The criminal operation, linked to the Nemesis and ShinyHunters gangs, remains active. Misconfigurations allowing these breaches are attributed to customer oversight, not AWS itself. ### Meeting Takeaways 1. … Read more

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

December 9, 2024 at 07:07AM A botnet named Socks5Systemz operates the malicious proxy service PROXY.AM, enabling cybercriminals to mask their activities. Recent findings reveal its resurgence after losing control of its initial version. Meanwhile, the Gafgyt malware targets misconfigured Docker API servers, emphasizing the risks of cloud misconfigurations and the need for better security practices. … Read more