Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

detectify

Significant changes to attack surface overview and many new tests

Mar 8, 2024 By Victor Arellano In Detectify
The new attack surface overview puts the changes and potential risky exposures to your attack surface front and center. But that’s not all we’ve shipped in February. We’ve improved our Azure domain connector, simplifying onboarding for those users, and sent dozens of new vulnerability tests, such as CVE-2024-27199: TeamCity Authentication Bypass and CVE-2024-21893: Ivanti Connect Secure, Policy Secure SSRF.
Read Post
Snyk

Understanding the RSA-based Marvin Attack

Mar 7, 2024 By Vandana Verma Sehgal In Snyk
The Marvin Attack, named after the vulnerability it exploits, poses a significant threat to systems relying on RSA encryption and signing operations. It's a variation of the Bleichenbacher attack, which exploits errors in PKCS #1 v1.5 padding to perform adaptive-chosen ciphertext attacks. The attack leverages timing information obtained from RSA encryption or signing operations.
Read Post
splunk

Security Insights: JetBrains TeamCity CVE-2024-27198 and CVE-2024-27199

Mar 7, 2024 By Splunk Threat Research Team In Splunk
Two critical vulnerabilities have been exposed in JetBrains TeamCity On-Premises versions up to 2023.11.3. Identified by Rapid7’s vulnerability research team in February 2024, CVE-2024-27198 and CVE-2024-27199 pose a significant threat, enabling unauthenticated attackers to potentially gain administrative control or execute code remotely on affected TeamCity servers.
Read Post

Understand Security Misconfiguration | OWASP Top 10

Mar 7, 2024 By VISTA InfoSec In VISTA InfoSec
🔒 Unlocking Secure Software: Understanding Security Misconfiguration 🔒 In this OWASP Top 10 video, we delve into the critical topic of Security Misconfiguration (A05). 🛡️ Security Misconfiguration poses a significant risk in the OWASP Top 10. It occurs when applications or systems are configured with errors, leaving them vulnerable to exploitation by malicious actors. Whether it’s unchanged default settings or outdated software, these misconfigurations can have dire consequences.
View Video
obrela

Apache Superset - Database Data Retrieval Through Improper Error Handling

Mar 6, 2024 By Anastasios Stasinopoulos In Obrela
Anastasios Stasinopoulos from OBRELA LABS Team discovered a security flaw that affects Apache Superset (before 3.0.4, from 3.1.0 before 3.1.1), an open-source modern data exploration and visualization platform. Apache Superset error handling can be manipulated in order to allow data retrieval from the backend database.
Read Post
Snyk

Snyk Learn and the NIST Cybersecurity Framework (CSF)

Mar 6, 2024 By Michael Biocchi In Snyk
NIST (National Institute of Standards and Technology) recently released its revamped cybersecurity framework (CSF), aptly called NIST CSF 2.0. The CSF previously had five functions: Identify, Protect, Detect, Respond, and Recover. With 2.0, there is now a sixth: Govern. While Snyk plays an important role in application security and governance, in this blog, we're going to look at the function Snyk Learn plays in CSF 2.0: Protect.
Read Post
kroll

TODDLERSHARK: ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant

Mar 5, 2024 By Kroll In Kroll
The Kroll CTI team observed a campaign using a new malware that appears to be very similar to BABYSHARK, previously reported to have been developed and used by the APT group Kimsuky (KTA082). The malware was deployed as part of an attempted compromise that was detected and stopped by the Kroll Responder team. The activity started with exploitation of a recently addressed authentication bypass in the remote desktop software ScreenConnect, developed by ConnectWise.
Read Post
Snyk

5 security best practices for adopting generative AI code assistants like GitHub Copilot

Mar 5, 2024 By Liqian Lim () In Snyk
Not that long ago, AI was generally seen as a futuristic idea that seemed like something out of a sci-fi film. Movies like Her and Ex Machina even warned us that AI could be a Pandora's box that, once opened, could have unexpected outcomes. How things have changed since then, thanks in large part to ChatGPT’s accessibility and adoption!
Read Post
outpost 24

Unlocking admin privileges via application-wide XSS delivery

Mar 4, 2024 By Peter Kantomaa In Outpost 24
During a recent customer assessment, our pen testers discovered a critical vulnerability that exemplifies the importance of manual and continuous pen testing. The issue involved a feature intended for administrators, allowing them to send messages to a “broadcast” endpoint, which would then be displayed in a modal pop-up box for all logged-in users of the web application. However, our pen testers found that this functionality was accessible to any user, regardless of their role.
Read Post
safebreach

SafeBreach Coverage for AA24-060A (Phobos Ransomware) and AA24-060B (Ivanti Connect Secure)

Mar 1, 2024 By Kaustubh Jagtap In SafeBreach
On February 29th, the Cybersecurity and Infrastructure Security Agency (CISA) issued two separate advisories related to malicious behavior exhibited by threat actors. The first advisory AA24-060A pertains to Phobos Ransomware and the second advisory AA24-060B pertains to the exploitation of vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.