Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Path traversal, also known as directory traversal, occurs when a malicious user manipulates user-supplied data to gain unauthorized access to files and directories. Typically the attacker will be trying to access logs and credentials that are in different directories. Path traversal is not a new vulnerability and has been actively exploited since the 90s when web servers gained popularity, many relied on Common Gateway Interface (CGI) scripts to execute dynamic server-side content.

Data masking is essential for protecting sensitive information in today’s data-driven world. It ensures that critical data, such as personal and financial information, remains secure from unauthorized access by replacing real data with fictitious or obfuscated values. By replacing real data with fictitious or obfuscated values, data masking safeguards privacy while enabling necessary operations like testing and analytics.

On November 18, 2024, Palo Alto Networks disclosed the existence of two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in Palo Alto Networks OS (PAN-OS), the operating system used on their firewall devices. A day later, watchTowr released a report providing technical details on how to chain the two vulnerabilities together to achieve remote code execution of these vulnerabilities.

Trend Micro’s recent report on the Water Barghest threat actor underlines a critical issue that has long plagued the IoT ecosystem: the security shortcomings inherent in many connected devices. With over 20,000 IoT devices compromised and exploited as residential proxies within minutes, this story highlights the growing risks posed by insecure IoT devices and the urgent need for proactive security measures.

In the high-stakes world of cybersecurity, organizations must ensure that their teams not only protect the organization but also stay motivated and productive. One of the most insidious threats to achieving this goal is alert fatigue. When analysts are bombarded with thousands of security alerts daily, they risk becoming overwhelmed and disillusioned in their roles.

On November 19, 2024, Palo Alto Networks disclosed two critical vulnerabilities in its PAN-OS software, CVE-2024-0012 an Authentication Bypas, and CVE-2024-9474 a Privilege Escalation. These vulnerabilities enable attackers to gain unauthorized administrative access and escalate privileges to root level. Exploitation of these vulnerabilities, observed in the wild, has been attributed to a targeted campaign dubbed Operation Lunar Peek.

So you’ve rolled out 1Password Enterprise Password Manager, successfully onboarded your team – now what? Don’t let the momentum you’ve built go to waste! By building long-term security habits early on you’ll reap the benefits far into the future.

Are you worried about your personal information leaking online? Worried your email has breached online or leaked on the dark web? Unsure if you’re passwords are safe? Don’t worry, you’re not alone. Fortunately, encryption is our friend. It is an advanced technology that prevents hackers from stealing our sensitive information, protects us from data breaches, and ensures businesses can comply with data protection laws.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from November.