Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On September 11, 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab CE/EE, identified as CVE-2024-6678. This flaw allows a remote attacker to trigger a pipeline as an arbitrary user under specific conditions. A GitLab pipeline is a collection of automated processes that run in stages to build, test, and deploy code.

Crystal Rans0m is a previously undocumented hybrid ransomware family developed in Rust programming language seen for the first time in the wild on September 2nd, 2023. Interestingly, it does not only encrypt victim’s files, demanding a ransom for their release, but also steals sensitive information from the infected systems. This dual-threat approach means that attackers can double their leverage over victims, potentially increasing their chances of monetizing their attacks.

Adobe has recently addressed a critical vulnerability in its Acrobat Reader software, urging users to update immediately. The flaw, tracked as CVE-2024-41869, is a "use after free" vulnerability, which could allow attackers to execute malicious code remotely through specially crafted PDF files. This article explores the nature of this exploit, its discovery, and the urgency behind updating to the latest version.

GitHub Copilot and other AI coding tools have transformed how we write code and promise a leap in developer productivity. But they also introduce new security risks. If your codebase has existing security issues, AI-generated code can replicate and amplify these vulnerabilities.

We’re excited to announce a new Snyk AppRisk integration with Orca Security that brings the best of two worlds together: developer-loved, security-trusted application security from Snyk and leading cloud security from Orca. This integration is big news for organizations looking to align with DevSecOps and enhance collaboration between development and security teams.

CVE-2024-40766 is a critical (CVSS v3 score: 9.3) access control flaw. Its primary danger comes from the potential for providing unauthorized network access, both allowing attackers unfettered access to critical resources and, in some cases, giving attackers the ability to crash the firewall.

The critical CVE-2024-40711 vulnerability in Veeam Backup & Replication (VBR) is drawing attention from security researchers and ransomware groups alike. Discovered by Florian Hauser from Code White, this flaw allows attackers to take full control of enterprise systems, posing a significant threat to the integrity of data backup infrastructures. With ransomware groups historically targeting Veeam vulnerabilities, CVE-2024-40711 could soon become a valuable tool for cybercriminals.

On September 10, 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw, found in the agent portal of specific EPM versions, allows Remote Code Execution (RCE) by an unauthenticated attacker due to improper deserialization of untrusted data.