%term

CVE-2024-22024: New High-severity Ivanti Authentication Bypass Vulnerability

Feb 12, 2024 By Steven Campbell In Arctic Wolf

On February 8, 2024, Ivanti publicly disclosed a high-severity authentication bypass vulnerability (CVE-2024-22024) impacting Ivanti Connect Secure, Policy Secure, and ZTA products. CVE-2024-22024 is an XML external entity (XXE) flaw in the SAML component and could allow threat actors to bypass authentication and access certain restricted resources if successfully exploited.

Read Post

Arctic Wolf

Read more about CVE-2024-22024: New High-severity Ivanti Authentication Bypass Vulnerability

CVE-2024-21762 and CVE-2024-23113: Multiple Critical Vulnerabilities in Fortinet, One Likely Under Active Exploitation

Feb 12, 2024 By Andres Ramos In Arctic Wolf

On February 8, 2024, Fortinet’s FortiGuard disclosed two critical vulnerabilities affecting FortiOS. CVE-2024-23113, a format string vulnerability, and CVE-2024-21762, an out-of-bounds write vulnerability, could allow unauthenticated threat actors to execute arbitrary code or commands. FortiGuard has stated they are aware of potential exploitation of CVE-2024-21762.

Read Post

Arctic Wolf

Read more about CVE-2024-21762 and CVE-2024-23113: Multiple Critical Vulnerabilities in Fortinet, One Likely Under Active Exploitation

Automatic source locations with Rego

Feb 12, 2024 By Jasper Van der Jeugt In Snyk

At Snyk, we are big fans of Open Policy Agent’s Rego. Snyk IaC is built around a large set of rules written in Rego, and customers can add their own custom rules as well. We recently released a series of improvements to Snyk IaC, and in this blog post, we’re taking a technical dive into a particularly interesting feature — automatic source code locations for rule violations.

Read Post

Snyk

Read more about Automatic source locations with Rego

CVSS: The Common Vulnerability Scoring System

Feb 12, 2024 By Leanne Mitton In Splunk

Cybersecurity measures have become important in the ever-evolving landscape of digital threats. With organizations increasingly relying on digital technologies to drive their operations, the risk of cyberattacks becomes more likely, with potential consequences ranging from financial losses to reputational damages.

Read Post

Splunk

Read more about CVSS: The Common Vulnerability Scoring System

How Nucleus Security's $43M Series B Funding Powers Enterprise Risk-Based Vulnerability Management Innovation

Feb 12, 2024 By Steve Carter In Nucleus

We at Nucleus Security are thrilled to share our journey and vision following our recent $43 million Series B funding round. This investment, led by Arthur Ventures and Lead Edge Capital, is a testament to our commitment to leading the charge in vulnerability management innovation and our dedication to protecting digital infrastructures worldwide. Read the full press release here.

Read Post

Nucleus

Read more about How Nucleus Security's $43M Series B Funding Powers Enterprise Risk-Based Vulnerability Management Innovation

5 Best Network Vulnerability Scanning Tools in 2024

Feb 11, 2024 By Tsippi Dach In AlgoSec

Network vulnerability scanning provides in-depth insight into your organization’s security posture and highlights the specific types of vulnerabilities attackers may exploit when targeting it. These tools work by systematically scanning your network environment — including all desktops, laptops, mobile endpoints, servers, and other assets for known weaknesses and misconfigurations. Your analyzer then produces a detailed report that tells you exactly how hackers might breach your systems.

Read Post

AlgoSec

Read more about 5 Best Network Vulnerability Scanning Tools in 2024

Fortinet Vulnerability: CVE-2024-21762

Feb 9, 2024 By Lauren Farrell In Centripetal

On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) notifying of an out-of-bound write vulnerability in their SSL VPN tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.

Read Post

Centripetal

Read more about Fortinet Vulnerability: CVE-2024-21762

Vulnerability A03 : Injection - OWASP TOP 10

Feb 9, 2024 By VISTA InfoSec In VISTA InfoSec

Welcome to our latest video on the OWASP Top 10, focusing on Vulnerability A03: Injection. This video is designed to provide a comprehensive understanding of injection vulnerabilities, which are among the most common and dangerous security risks in web applications. In this video, we will explore the concept of injection vulnerabilities, their various types, and how they can be identified. We will also look at real-world examples to illustrate the potential impacts of these vulnerabilities when they are exploited.

View Video

VISTA InfoSec

Read more about Vulnerability A03 : Injection - OWASP TOP 10

New Year, New Ivanti Vulnerability

Feb 8, 2024 By Ben Edwards In BitSight

Welcome folks! It’s 2024 and we here at Bitsight are kicking off a series of short informative posts on events that caught our attention as cognition authorities1 each month. We’re excited to report on the interesting things Bitsight found.

Read Post

BitSight

Read more about New Year, New Ivanti Vulnerability

Exploitation of Confluence Server Vulnerability CVE-2023-22527 Leading to C3RB3R Ransomware

Feb 8, 2024 By Stefan Hostetler, Markus Neis, Kyle Pagelow In Arctic Wolf

On January 4, 2024, Atlassian disclosed CVE-2023-22527, a template injection vulnerability affecting Confluence Data Center and Server versions 8.0.0 to 8.5.3. The vulnerability allows for unauthenticated remote code execution to be achieved on affected versions of the software. Arctic Wolf Labs has observed evidence of C3RB3R ransomware, as well as several other malicious payloads, being deployed following exploitation of CVE-2023-22527. We present our preliminary findings here.

Read Post