Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On August 13, 2024, SolarWinds released a hotfix for CVE-2024-28986, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an IT service management software widely used across various industries for tracking and managing support tickets. This vulnerability arises from a Java deserialization flaw, which could enable a remote attacker to execute arbitrary code on vulnerable hosts.

Being a bad guy on the Internet is a really good business. In more than 90% of cybersecurity incidents, phishing is the root cause of the attack, and during this third week of August phishing attacks were reported against the U.S. elections, in the geopolitical conflict between the U.S., Israel, and Iran, and to cause $60M in corporate losses.

A review of AI-generated malware, and how a SOC might deal with the ever-increasing threat… Theofanis Dimakis, SOC Officer, and Nikolaos Tsompanidis, Threat Detection & Response Expert at Obrela, speaking during the recent CRESTCon Europe event, shared insights from their perspective into detecting malware, including the rising tide of AI variants.

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’ll discuss quick and easy steps to keep your digital payments secure. Honestly, we think the world’s transition to digital payments was unsettlingly quick. Consumers were thrust into the world of digital payments without sufficient awareness of best practices or knowledge of what is trustworthy when it comes to online transactions.

An insider threat occurs when a legitimate user of an organization’s systems intentionally or accidentally puts the organization’s data at risk. These threats can have a devastating impact on a company’s data, reputation, and bottom line. Insider threat hunting has become essential to proactively identify and mitigate these risks before they escalate into full-blown security incidents.

Imagine for a moment that your home has a rodent problem. To address this, you install a fancy system designed to automatically detect and trap animals before they can roam around your house and cause any damage. The system seems to work well; from time to time, you arrive home to find a mouse or a squirrel caught by the device. No big deal, right? Lots of small critters about and the system is working as designed to catch them.

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.

File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security. “In file-sharing phishing attacks, threat actors exploit popular platforms and plausible pretexts to impersonate trusted contacts and trick employees into disclosing private information or installing malware,” the report says.

Hospitals face a challenging dilemma: delivering the highest quality of medical care while shielding patient and family data from ever-evolving cyber threats, all while ensuring that critical operations continue uninterrupted. At Trustwave, we understand the immense pressure hospitals are under and are dedicated to creating a safer digital environment where healthcare providers can thrive, and patients receive the uncompromised care they deserve.

The article released on August 13, 2024 regarding the security update for Windows 11 for hot fix KB5041571 discusses the new features and improvements to the operating system. The security update includes changes to the lock screen, NetJoinLegacyAccountReuse, Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI), and Domain Name System (DNS). The article also includes a servicing stack update to improve the reliability of the Windows update process.