Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Raccoon Stealer malware reappears, AI adoption remains low among threat actors, and Monti ransomware targets VMware ESXi servers with new Linux locker.

Netskope has recently released two exciting enhancements to our Advanced UEBA product. The enhancements are: Together, these two new features streamline operationalization of Advanced UEBA by providing operators alerts when it identifies users exhibiting risky behavior and an at-a-glance summary of the risky activity observed for each user.

Windows Server 2012, is the sixth version of the Windows Server operating system by Microsoft, as part of the Windows NT family of operating systems. At the time, Windows Server 2012 brought forth an array of enhanced features and refinements, and over the years, it stood as a cornerstone for many organisations, providing a bedrock of reliability, scalability, and adaptability to accommodate applications and workloads.

On August 21, 2023, Ivanti published a knowledge base article on a critical authentication bypass vulnerability impacting Ivanti Sentry (CVE-2023-38035). For this vulnerability to be exploited, the System Management Portal which is hosted on port 8443 by default must be exposed to the internet. Successful exploitation of this vulnerability could lead to a remote unauthenticated threat actor making configuration changes to the server and the underlying Operating System (OS) as root.

As vulnerability researchers, our primary mission is to find as many vulnerabilities as possible with the highest severity as possible. Finding vulnerabilities is usually challenging. But could there be a way, in some cases, to reach the same results with less effort?

Managing dependencies for a project is a task that requires consistent effort and attention. Surely, you’ve found yourself concerned about any of the following while maintaining a project: Luckily, we’ve been able to use GitHub bots to automate dependency management to an extent with solutions like Dependabot and GreenKeeper. However, these bots mostly automate the creation of a new code pull request that proposes the changes to be made.

The increasing sophistication and frequency of cyber threats have exposed companies to significant risks, including data breaches, financial losses, and reputational damage. Investors have become deeply concerned that these risks can negatively impact their investment decisions. As we have previously discussed, companies and their shareholders must tackle the significant and constantly changing challenge of understanding cybersecurity risk.

There are only two options for managing a global multi-cloud network: either by using a combination of inference, hope, and intuition or with mathematical certainty. When conducting 5 million financial transactions daily, it’s essential to operate with certainty, regardless of your network’s size or geographical distribution. Auditors don’t accept inferences; they demand certainty when determining compliance, and a poor audit can be disastrous for the business.

The state of Missouri's low-income Medicaid program through the Department of Social Services is responsible for offering medical insurance to Missourans in need. The program ensures that citizens have access to reliable healthcare with minimal costs to them. The University of Missouri, or Mizzou, is a public research institute that was founded in 1839 and serves as Missouri's largest university. Both of these programs were attacked in the recent MOVE-it data breach.

The neon lights of Black Hat and DEF CON, with their flashing demos and groundbreaking presentations, often dazzle attendees and cyber enthusiasts alike. From AI-driven hacking tools to quantum encryption, the subjects covered span a vast spectrum. However, as with any vibrant city, these include areas of risk and concern. For Black Hat 2023 events, APIs are core to these areas.