On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating of 9.8 (critical). VBEM is a web-based platform that allows administrators to oversee Veeam Backup and Replication installations through a web interface console.

Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On 27.04.2024 (Monday), the company initially alerted customers to an increase in attacks targeting VPN devices, offering guidance on how administrators can safeguard their systems.

In May 2024, new vulnerabilities have been identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with enabled GlobalProtect feature, which permitted unauthorized command execution. These recent findings underscore the persistent challenges in ensuring cybersecurity defenses and prompt updates for security solutions themselves.

Dell recently issued a notice regarding a data breach that occurred on May 9, which has reportedly affected over 49 million customers across the globe. According to a report by BleepingComputer, Dell initiated the distribution of notifications cautioning its customers that their personally identifiable information (PII) had been compromised in a data breach.

We are thrilled to announce that Wallarm has clinched the sought-after 2024 Cybersecurity Excellence Award, under the category Best API Security Product. Our unwavering commitment to pioneering solutions that safeguard digital ecosystems, and fortify API security amidst the evolving cyber threat landscape, has garnered industry-wide recognition. This accolade reaffirms Wallarm's position at the forefront of cybersecurity innovation, empowering businesses with confidence and resilience.

A highly concerning security loophole was recently discovered in a WordPress plugin called "Email Subscribers by Icegram Express," a popular tool utilized by a vast network of over 90,000+ websites. Officially designated as CVE-2024-2876 with a CVSS score of 9.8 (critical), the vulnerability represents a significant threat as it exposes numerous websites to potential attacks.

As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we encourage you to download the full report, here are some key observations about what you’ll find within. API threats to AI applications are clearly on the rise.

Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native environments using API schema validation. By relying on a positive security model, our API Firewall only allows calls that match a predefined API specification while rejecting everything else.

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto is here. Palo Alto has marked this vulnerability as critical and NVD has scored it a 10.0 with CVSSv3. Wallarm currently detects attacks against this vulnerability with no additional configuration required.

APIs (Application Programming Interfaces) have proliferated widely, which increases their susceptibility to various vulnerabilities. In the realm of web applications, prime examples that stand out are SOAP (Simple Object Access Protocol) and Representational State Transfer (REST) APIs. Due to their inherent complexity and the dynamic nature of software ecosystems, common vulnerabilities include inadequate authentication mechanisms and injection attacks such as SQL injection or cross-site scripting (XSS).