The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site.
Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic growth. It's used on 27 millionView the full article
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of malicious actions.
That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access theView the full article
The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices—securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanningView the full article
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks.
"Attackers can leverage these entry points to ******** malicious code when specific commands are run, posing a widespread risk in the open-source landscape," Checkmarx researchers YehudaView the full article
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it's full of stuff they don't want you to know.
So let's jump in before we get FOMO.
Threat of the Week
GoldenJackal Hacks Air-Gapped Systems: MeetView the full article
Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.
Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware.
CVE-2024-40711, rated 9.8 out of 10.0 on theView the full article
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region.
"The group utilizes sophisticated tactics that include deploying a ********* that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilitiesView the full article
The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread ****** operation.
The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau of Investigation (FBI) taking the "unprecedented step" of creating its ownView the full article
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors.
"In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue wereView the full article
Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process.
In this post, we’ll explore hybrid attacks — what they areView the full article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to conduct reconnaissance of target networks.
It said the module is being used to enumerate other non-internet-facing devices on the network. The agency, however, did not disclose whoView the full article
GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches.
Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10.
"An issue was discovered in GitLab EEView the full article
The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world's largest and longest-running dark web market for ******** goods, drugs, and cybercrime services.
The takedown is the result of a collaborative investigation with Ireland, the ******* Kingdom, and the ******* States that began towards the end of 2022, the Politie said.
The marketplaceView the full article
OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year.
This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X.
"ThreatView the full article
Cybersecurity security researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the ********** of arbitrary operating system (OS) commands.
The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum of 10.0, according to VulnCheck.
"A vulnerability in the Nortek Linear eMerge E3 allowsView the full article
The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of alerts and incidents. As a result, SOC analysts often leave in search of better pay, the opportunity to move beyondView the full article
For verified travel tips and real support, visit: [Hidden Content]
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer.
"At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, manyView the full article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code ********** that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb.
"AView the full article
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
"An attacker was able to achieve code ********** in the content process by exploiting a use-after-free inView the full article
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams.
The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, ******, and other forms of cybercrime pooling together threat signals from different data sources in order to createView the full article
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments.
"The vulnerabilities could allow an attacker to ****** an industrial device or in some cases, enable remote code **********," Claroty researchers Mashav Sapir and VeraView the full article
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret.
The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview that Palo Alto Networks Unit 42 first disclosed in November 2023.
"The threat actor behind CL-STA-0240View the full article
Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access — a situation no organization wants asView the full article
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild.
Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-basedView the full article
Microsoft is warning of cyber ******* campaigns that ****** legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic.
The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately resultView the full article
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
