Intellawatch

Security Policy Images: Trusted Development Pipelines cyber

from

Uptycs Blog

In today’s fast-paced development landscape, ensuring the security of your software is more crucial than ever. This enhancement allows you to create trusted gateways that not only enhance security but also empower your development teams. By integrating security directly into the development process, teams can enhance collaboration, reduce friction, and improve overall software quality.....

Malicious Script Injection on WordPress Sites cyber

from

Sucuri Blog

On January 6th, an important security update was released for the WordPress core that addresses four separate vulnerabilities. Blackhat SEO spam comes in many forms, and one of the most nefarious is hijacked search results. As a child, I loved sending secret messages to my friends using invisible ink.....

Securing cloud-native applications: Why a comprehensive API security strategy is essential cyber

from

CSO Online

Instead, these risks often stem from insecure implementations at the code level, a lack of visibility for security teams, and inadequate data protection practices: API security is a critical component of modern digital infrastructure, given the extensive role APIs play in facilitating data exchange and connectivity between systems. By leveraging a CNAPP alongside robust API management solutions, organizations can streamline their security processes, achieve comprehensive visibility, and maintai....

Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels cyber

from

Dark Reading:

It can be used to connect resources to Cloudflare's network without using a publicly routable IP address, with the goal of protecting Web servers and applications from distributed denial-of-service (DDoS) and other direct cyberattacks, by hiding their origins. Unfortunately, this obfuscation mechanism, like other legitimate cloud tools, can also be used by the likes of BlueAlpha, which uses Cloudflare Tunnels to conceal its GammaDrop staging infrastructure from traditional network detection mec....

U.S. org suffered four month intrusion by Chinese hackers cyber

from

BleepingComputer

A large U.S. organization with significant presence in China has been reportedly breached by China-based threat actors who persisted on its networks from April to August 2024. Attribution based on previous activity against the targeted organization and files is weak. However, Symantec also notes that extensive use of “living off the land” tools like PsExec, PowerShell, WMI, and open-source tools like FileZilla, Impacket, and PuTTY SSH aligns with Chinese hacker tactics.....

Bypass Bug Revives Critical N-Day in Mitel MiCollab cyber

from

Dark Reading:

Two new vulnerabilities in Mitel's MiCollab unified communications and collaboration (UCC) platform could help expose gobs of enterprise data. At Black Hat six years ago, a researcher going by the moniker Orange Tsai presented research exposing issues with how Web applications handle path normalization. "Provided that NuPoint Unified Messaging (NPM) is enabled, a remote threat actor can use CVE-2024-41713 and the [file-read] zero-day to access arbitrary files on affected devices."....

US org with ‘significant presence in China’ targeted by hackers, Symantec says cyber

from

The Record by Recorded Future

Symantec said the attackers used “several legitimate applications to load malware” — including tools made by Google and Apple. “The extended duration of this attack highlights a concerning pattern where threat actors methodically gather intelligence and establish persistent access, potentially creating opportunities for future targeted phishing campaigns or sophisticated social engineering attacks,” said Stephen Kowski, Field CTO at SlashNext Email Security. Before moving back to New York City,....

LLMs Raise Efficiency, Productivity of Cybersecurity Teams cyber

from

Dark Reading:

Cybersecurity practitioners also saw value in active uses for AI, such as proactive threat hunting (16%), greater user behavior analysis (15%), improved incident response (15%), and better security posture (11%). LLM tools can optimize resources (13%) to help make an organization's network more efficient and reduce costs (9%). Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends.....

Mitel MiCollab VoIP authentication bypass opens new attack paths cyber

from

CSO Online

Security researchers have discovered a new issue in the Mitel MiCollab enterprise VoIP platform that allows attackers to access administrative features without authentication. It turns out a lot of them: awcPortlet, awv, axis2-AWC, Bulkuserprovisioning, ChangePasscodePortlet, ChangePasswordPortlet, ChangeSettingsPortlet, LoginPortlet, massat, MiCollabMetting, portal, ReconcileWizard, SdsccDistributionErrors, UCAProvisioningWizard, and usp. But the researchers probed further and it didn’t take t....

Understanding and Testing for API1:2023 — Broken Object Level Authorization cyber

from

thexssrat @ Medium

However, with the rise of API usage, security vulnerabilities have also increased. This article provides a technical deep dive into what Broken Object Level Authorization is, how to test for it, and how to integrate its detection into your bug bounty methodology. Broken Object Level Authorization (BOLA) occurs when an API endpoint exposes direct access to objects based on user-supplied input (like an object identifier), without proper authorization checks.....

Demystifying VEX: Simplifying SBOMs with Sonatype SBOM Manager cyber

from

Sonatype Blog

Efficiency in security operations: By identifying which vulnerabilities are not exploitable, teams can allocate resources more efficiently, ignoring irrelevant alerts. Enhanced risk management: VEX helps organizations understand the real-world implications of vulnerabilities, allowing for more informed decision-making and improved protective measures. Compliance and reporting: Many regulatory frameworks recommend or require detailed vulnerability management strategies; VEX annotations help meet....

Major USAID contractor Chemonics says 263,000 affected by 2023 data breach breach

from

The Record by Recorded Future

Founded in 1975, Chemonics works in more than 70 countries around the world with about 4,000 experts providing capacity building services focused on food security, healthcare, democracy and governance, trade, education and more. At least one law firm said on Thursday that it is investigating a class action lawsuit related to the data breach. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.....

Solana Library Supply Chain Attack Exposes Cryptocurrency Wallets cyber

from

InfoSecurity Magazine

A supply chain attack on the widely used @solana/web3.js npm library, targeting private keys to steal funds, has put developers and cryptocurrency users at risk. This attack follows other npm package breaches, such as crypto-keccak and solana-systemprogram-utils, which similarly targeted cryptocurrency wallets. “To combat this growing threat, security programs must evolve beyond traditional CVE-based vulnerability management,” warned Spektion CEO, Joe Silva.....

Data distilleries: CIOs turn to new efficient enterprise data platforms breach

from

CIO

An analysis uncovered that the root cause was incomplete and inadequately cleaned source data, leading to gaps in crucial information about claimants. As organizations increasingly adopt cloud-based data distillery solutions, they unlock significant benefits that enhance operational efficiency and provide a competitive edge. Opt for platforms that can be deployed within a few months, with easily integrated AI and machine learning capabilities.....

Exploit Development: Fuzzing with American Fuzzy Lop++ (AFL++) to Find Zero-Day Vulnerabilities cyber

from

Hackers Arise

....

The best security keys of 2024: Expert tested cyber

from

ZDNet | security RSS

In addition, its NFC capability makes it compatible with iOS and Android mobile devices, giving you the option to authenticate quickly via your smartphone or tablet. The YubiKey USB authenticator has multi-protocol support, including FIDO2, FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, smart card (PIV), OpenPGP, and challenge-response capabilities, providing solid hardware-based authentication. Customer feedback indicates that this popular key is an excellent option, although you will need some r....

One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024 cyber

from

GBHackers On Security

One Identity named Hot Company: Privileged Access Management (PAM) in 12th Cyber Defense Magazine’s Annual InfoSec Awards during CyberDefenseCon 2024. “Being recognized for our advancements in Privileged Access Management (PAM) is a powerful affirmation of the commitment One Identity has to safeguarding critical data and systems while empowering our customers to take charge of enhancing their security. “One Identity embodies three major features we judges look for with the potential to become w....

The adventures of an extroverted cyber nerd and the people Talos helps to fight the good fight cyber

from

Talos Blog

If you ever want to be truly humbled, spend time with an NGO and learn about what they do. If we can help them stay secure, there’s so many others who will be helped by it. My man Jaeson Schultz did some great research on attacks, prevalence, and detection of QR codes in e-mail messages.....

Explore strategies for effective endpoint control cyber

from

The Register - Security

On December 9th at 9am PT/12PM ET/6pm GMT, join The Register's Tim Phillips as he explores how automation is transforming endpoint management with Harman Kaur from Tanium. - Tackling endpoint complexity: Learn how modern IT environments, with diverse devices and frequent updates, create challenges that traditional tools struggle to handle. - Improving response times with automation: Discover how automating routine tasks like patch management and vulnerability remediation can ensure endpoints re....

Russian state hackers abuse Cloudflare services to spy on Ukrainian targets cyber

from

The Record by Recorded Future

A Russian state-sponsored hacker group, known as Gamaredon, has been targeting Ukrainian-speaking victims in an ongoing cyber-espionage campaign, researchers have found. According to researchers, the group will likely continue improving its evasion techniques, including by using popular legitimate services like Cloudflare. In a report published at that time by Ukraine’s National Coordination Center for Cybersecurity (NCCC), the agency said that to hide its activity from targets and researchers,....
