
July 2023

Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

Starting May 15, 2023, threat actor Storm-0558 illicitly employed forged Azure access tokens to gain unauthorized access to user emails in around 25 organizations, encompassing government agencies and various consumer accounts hosted on the public cloud.

Rezilion Uncovers High-Risk Vulnerabilities Missing from CISA KEV Catalog, Challenging Current Patching Prioritization Standards

Rezilion announces new report, "CVSS, EPSS, KEV: The New Acronyms - And The Intelligence - You Need For Effective Vulnerability Management," detailing the critical importance of the Exploitability Probability Prediction Score (EPSS) for enhancing patch prioritization and effective vulnerability management.

CVSS + EPSS + KEV: Why You Need All Three to Effectively Manage Vulnerabilities

Security and development teams know that managing vulnerabilities is complex and challenging. The ultimate aim of a vulnerability management program is to minimize the organization’s overall risk exposure by identifying, prioritizing, and resolving vulnerabilities that impact its assets and environment. Attackers frequently exploit known vulnerabilities to gain access to the organization.

Open Source Security Incidents and How Organizations Can Respond

Attacks that leverage vulnerabilities in open source software are on the rise. How security teams respond to these incidents is key to what impact they will ultimately have. Oftentimes the attacks stemming from open source vulnerabilities are unpredictable, making them a big challenge for teams.

Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source

One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they are an important part of IT strategies today. But vulnerabilities in open source software present a risk because they can provide cyber criminals with a way to carry out attacks.

Why Developers Need a Security Mindset (And How to Help Them With It)

It’s never been a more important time for developers to have a security mindset. Software developers are increasingly relying on open source components in their products. While this makes their jobs somewhat easier, open source is prone to vulnerabilities. It’s no secret that developers often find it challenging to prioritize cybersecurity, using the rationale that it should fall under the purview of security teams.

Widespread Exploitation Continues: MOVEit CVE-2023-34362 Leaves Organizations at Risk

MOVEit CVE-2023-34362 is a Critical SQL Injection vulnerability rated 9.8. It affects all versions of Progress Software’s managed file transfer (MFT) solution, MOVEit Transfer. This vulnerability has the potential to grant unauthorized access. For in-depth information about the vulnerability, including mitigation measures, incident response, and the attack surface, refer to our previous blog post published on June 6th.

Organizations Need to Establish Trust to Enhance Supply Chain Security

Enhancing the trust and security of the supply chain is on the minds of many a cybersecurity executive today, and will likely be a topic of interest and concern in the months and years to come. It’s not surprising then, that the focal point of a recent RSA Conference virtual seminar was supply chain security. A panel held during the event covered the topic of establishing trust to enhance supply chain security, which is surely one of the more daunting challenges organizations face.

What You Need to Know About StackRot - CVE-2023-3269

StackRot, identified as CVE-2023-3269, is a 7.8 HIGH use-after-free vulnerability in Linux kernel versions 6.1 to 6.4 that can lead to privilege escalation. The vulnerability, which was disclosed by Ruihan Li, who also released detailed information about it, is caused by a change in the VMA (Virtual Memory Address) tree structure from using red-black trees to maple trees.

AppSec and Software Supply Chain Security: How Do They Go Together?

AppSec and Software Supply Chain Security are two terms more frequently used as part of DevOps, as well as when considering how to develop a security strategy. Software supply chain attacks are on the rise and organizations must brace for the strong possibility that their software supply chain will be a target–so much so that Gartner has projected that by 2025, supply chain risk management will be a key success driver for more than 50% of organizations.