Recent TeamCity Vulnerability Exploited in Ransomware Attacks

March 11, 2024 at 11:45AM The recent disclosure of a critical TeamCity vulnerability, CVE-2024-27198, led to ransomware attacks after a controversy between Rapid7 and JetBrains. Rapid7 publicly detailed the vulnerabilities to ensure transparency, after JetBrains fixed them without informing Rapid7. Threat actors launched attacks soon after disclosure, with some servers compromised and files encrypted. JetBrains blamed Rapid7 for …

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

March 11, 2024 at 10:51AM A new banking trojan called CHAVECLOAK targets users in Brazil via phishing emails with PDF attachments. The attack involves deceptive DocuSign lures leading to an installer file, which installs CHAVECLOAK malware. This sophisticated malware steals sensitive information, monitors financial portals, and connects to a command-and-control server. Additionally, a mobile banking …

How Not to Become the Target of the Next Microsoft Hack

March 11, 2024 at 10:07AM Recent cybersecurity incidents emphasize the importance of understanding and effectively implementing security best practices within the Microsoft 365 ecosystem. The increasing use of AI in cybersecurity calls for proactive measures to address evolving threats. Key strategies include reviewing access control policies, managing delegations, and maintaining control over the cloud environment …

SecurityWeek Cyber Insights 2024 Series

March 11, 2024 at 10:03AM The “Cyber Insights 2024” series by SecurityWeek engages with numerous industry experts and companies to discuss seven primary topics related to cybersecurity. This initiative aims to provide comprehensive insights into the future of cybersecurity. …

Critical Vulnerability Allows Access to QNAP NAS Devices

March 11, 2024 at 10:03AM Over the weekend, Taiwan-based QNAP Systems announced patches for critical vulnerabilities in several products, such as QTS, QuTS hero, and QuTScloud. The flaws could enable unauthenticated access to network-attached storage (NAS) devices. CVE-2024-21899 poses a high risk, while CVE-2024-21900 and CVE-2024-21901 present medium risks, requiring authentication for exploitation. QNAP also …

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks

March 11, 2024 at 10:03AM Fortinet recently patched a critical vulnerability in FortiOS, warning of potential exploitation. Tracked as CVE-2024-21762, the flaw is an out-of-bounds write issue that allows remote attackers to execute arbitrary code. While CISA added it to the Known Exploited Vulnerabilities Catalog, there are no reports of mass attacks or confirmed exploitation. …

British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild

March 11, 2024 at 09:42AM The British Library is struggling to recover from the Rhysida ransomware attack due to legacy IT systems, highlighting the need for modernization and increased security measures. The attack caused significant disruption to library services and has emphasized the importance of cloud-based technologies. The institution is now planning a comprehensive IT …

Data Leakage Prevention in the Age of Cloud Computing: A New Approach

March 11, 2024 at 08:21AM The traditional on-premises approach to data security is becoming obsolete as IT infrastructure moves to cloud-based solutions. A new guide by LayerX emphasizes the need for DLP solutions to focus on protecting corporate data in the browser. It outlines three data protection paths forward, with browser DLP being highlighted as …

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

March 11, 2024 at 06:51AM Threat actors using BianLian ransomware exploit security flaws in JetBrains TeamCity software for extortion-only attacks. The cyberattack involves exploiting TeamCity vulnerabilities to gain initial access, deploying the BianLian backdoor, and using PowerShell for remote communication. VulnCheck also detailed PoC exploits for a critical flaw in Atlassian Confluence, indicating widespread exploitation. …

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

March 11, 2024 at 02:45AM A critical security flaw (CVE-2024-1403) in Progress Software OpenEdge Authentication Gateway and AdminServer allows unauthorized access by bypassing authentication protections. Exploit specifics and technical details have been disclosed, and the flaw carries a severity rating of 10.0. It is addressed in OpenEdge LTS Update 11.7.19, 12.2.14, and 12.8.1. Horizon3.ai released a proof-of-concept, identifying potential remote code execution …