Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this post, we explore a powerful, yet widely unknown attack vector which has emerged in the last couple of years known as ‘Repo Jacking’. During our research, we discovered the enormous potential to compromise software components with tens of millions of downloads across the Terraform IaC (Infrastructure as Code) and Composer (PHP package registry) ecosystems. Despite its power, Repo Jacking remains under-researched and frequently misunderstood.

As modern enterprise IT environments become more complex, the need for robust cybersecurity measures continues to grow. Because of this expanding complexity, DevSecOps functions are more common, requiring the integration of security into the application development lifecycle. Application Security Posture Management (ASPM) solutions offer a unified framework for securing the diverse application environment and merging security into the application development process.

The threat group USDoD posted on a dark web forum on July 24th to claim they’ve got hold of a large database of threat actors compiled by CrowdStrike. So far, the threat actor has released only a small sample of the data, but the forum post below claims that over 250 million records have been exposed. This could provide information on the aliases, recent activities, origins, and motivations of various cybercriminal groups and state-sponsored actors.

In November 2023, while conducting a security assessment on a client’s instance of the Oracle Integration Cloud Platform, I discovered a medium severity vulnerability nestled within the handling of the “consumer_url” URL parameter. This flaw unveiled a Cross-Site Scripting (XSS) vector that could be exploited by a user with malicious intent.

Artificial intelligence (AI) has emerged as a promising solution to modernize power grids. The technology, alongside other upgrades like Internet of Things (IoT) connectivity, could make energy infrastructure more reliable and sustainable. However, AI power grids also pose significant cybersecurity risks. Attacks against critical infrastructure are becoming more common. As energy authorities ramp up their investments in AI, they should pay attention to these risks to enable a safer tech transformation.

On July 17, 2024, Cisco publicly disclosed critical vulnerabilities in Cisco Secure Email Gateway (SEG) and Cisco Smart Software Manager On-Prem (SSM), identified as CVE-2024-20401 and CVE-2024-20419 respectively. Both of these vulnerabilities may allow for unauthenticated administrative actions to be taken by threat actors when exploited.

When it comes to the world of cybersecurity, vulnerabilities are everywhere, just waiting to be exploited. Vulnerability management is the systematic process of identifying, assessing, prioritizing, and mitigating security vulnerabilities in IT systems, applications, and networks. It aims to reduce the risk of exploitation by continuously monitoring for weaknesses and applying necessary security measures.

Vulnerability management is a foundational cornerstone for reducing your organization’s cyber risk, but what are vulnerabilities and why is it important to create a strong vulnerability management program?