Сyberattacks and the threats they pose are becoming more complex every day. Therefore, no user, including Mac users, is immune to viruses, malware, and cyberаttacks. For a long time, Mac computers were thought to be less vulnеrable to such threats than Windows ones. But that does nоt mean they do nоt need reliable protection. After all, as mentioned above, nothing stands still and threats are also improving.

On May 27, 2024, Check Point released hot fixes for an information disclosure vulnerability being leveraged by threat actors to target Check Point VPNs. This vulnerability was labeled as CVE-2024-24919 and is rated as high severity, as a remote threat actor can exploit the vulnerability to access information on Gateways connected to the Internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled.

Eleven years ago, the White House issued Executive Order 13636, which tasked the National Institute of Standards and Technology (NIST) with the creation of a cybersecurity framework (CSF) that would help better protect the nation’s critical infrastructure.

Read also: the US dismantles the 911 S5 proxy botnet, a T-Mobile hacker arrested in Turkey, and more.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats, including a newly created scenario that leverages AI Generated malware. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.

This policy setting determines if RPC clients authenticate with the Endpoint Mapper Service when their call includes authentication data. The Endpoint Mapper Service on Windows NT4 (all service packs) is unable to process authentication data provided in this manner. Disabling this policy means RPC clients won’t authenticate with the Endpoint Mapper Service, but they can still communicate with it on Windows NT4 Server. The recommended state for this setting is: Enabled.

On May 28, 2024, Okta disclosed that the cross-origin authentication feature in Customer Identity Cloud (CIC) is being targeted by credential-stuffing attacks. These attacks involve threat actors using large lists of stolen usernames and passwords to gain unauthorized access to online services. Suspicious activity has been observed starting from April 15, prompting Okta to notify affected customers and provide guidance to mitigate the issue.

As we near the halfway point of 2024, it is apparent that the epidemic of extortionary cyber attacks will continue unabated into the foreseeable future. Now more than ever, I believe that until organizations adopt cultural approaches to cybersecurity, breaches will continue to wreak havoc on companies and industries. But why is this? There are far too many reasons to enumerate here, but in my experience the biggest factors are.