Three more vulns spotted in Ivanti CSA, all critical, one 10/10

December 11, 2024 at 07:15AM

Ivanti issued a security advisory for three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10-rated authentication bypass flaw. These vulnerabilities could allow attackers to gain unauthorized access and execute malicious commands. Users are urged to upgrade to version 5.0.3 to mitigate risks.

446,000 Impacted by Center for Vein Restoration Data Breach

December 11, 2024 at 06:56AM

Center for Vein Restoration has informed over 446,000 individuals that their personal, medical, and financial data was compromised in a cyberattack identified on October 6. The breach affects both patients and employees. The organization is enhancing security measures and providing identity theft protection services to those impacted.

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

December 10, 2024 at 11:48AM

Users of Cleo managed file transfer software are urged to secure their systems due to exploitation of a remote code execution vulnerability (CVE-2024-50623). Despite patches, the issue persists, affecting products like Cleo Harmony and VLTrader. At least 10 companies have been compromised, with evidence of ransomware involvement.

US sanctions Chinese firm for hacking firewalls in ransomware attacks

December 10, 2024 at 11:40AM

The U.S. Treasury sanctioned Sichuan Silence, a Chinese cybersecurity firm, and an employee for involvement in 2020 Ragnarok ransomware attacks on U.S. critical infrastructure. Guan Tianfeng exploited a zero-day vulnerability, compromising 81,000 firewalls globally, including over 23,000 in the U.S. A $10 million reward has been offered for information.

Cybercrime Gangs Abscond With Thousands of AWS Credentials

December 10, 2024 at 11:21AM

Cybercriminal gangs exploited public website vulnerabilities to steal AWS cloud credentials from numerous organizations, uncovered by researchers from CyberCyber Labs. The attackers, linked to groups Nemesis and ShinyHunters, misconfigured an AWS S3 bucket containing stolen data. AWS confirmed the incident was due to customer application flaws, not their systems.

Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants

December 10, 2024 at 11:16AM

Palo Alto startup Wald.ai launched a contextual AI and data loss protection platform, enabling enterprises to safely use AI assistants while automatically redacting sensitive information. Priced at $19.99 per user monthly, the platform is currently utilized in healthcare, finance, and legal sectors, and offers a 14-day free trial.

AMD secure VM tech undone by DRAM meddling

December 10, 2024 at 11:10AM

Researchers revealed that AMD’s Secure Encrypted Virtualization (SEV) can be compromised using low-cost hardware. Their “BadRAM” attack exploits the SPD chip to bypass memory access restrictions. This vulnerability undermines SEV’s integrity and affects major cloud providers, prompting AMD to prepare an advisory and recommend securing SPD locks on memory modules.

New Cleo zero-day RCE flaw exploited in data theft attacks

December 10, 2024 at 10:11AM

Hackers are leveraging a zero-day vulnerability in Cleo managed file transfer software to infiltrate corporate networks and execute data theft attacks. This highlights the urgent need for organizations to address security weaknesses and implement protective measures against such threats.

**Meeting Notes Takeaways:**

1. **Current Threat:** Hackers are exploiting a zero-day …

Inside the incident: Uncovering an advanced phishing attack

December 10, 2024 at 10:11AM

The article by Varonis Security Specialist Tom Barnea discusses the evolution of sophisticated phishing attacks that exploit AI and legitimate platforms. A specific case involving a U.K. insurance company illustrates how attackers used a trusted sender’s email and created deceptive links. Recommendations emphasize user awareness and technical measures for prevention.

Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

December 10, 2024 at 08:44AM

Huntress reports widespread exploitation of a vulnerability in Cleo file management products, affecting patched systems. The bug, CVE-2024-50623, allows remote code execution, impacting over 1,700 servers. At least ten customers are compromised, prompting Huntress to recommend firewall protection and other mitigations while awaiting an updated patch from Cleo.