Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Atlassian recently disclosed a new critical vulnerability in its Confluence Server and Data Center product line, the CVE has a CVSS score of 10, and allows an unauthenticated attacker to gain Remote Code Execution (RCE) access on the vulnerable server. There is no workaround, the only solution being to upgrade to the latest patched versions.

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library – CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities.

Recent ransomware attacks on European organizations have attracted significant attention, primarily due to the involvement of threat actors with Russian connections or origins. Of particular concern is the latest attack on an IT service provider, which has had a profound impact on Swedish companies, government agencies, and municipalities.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news, and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team.

When a security incident happens, it’s one thing to reactively fix the issue, sweep it under the rug, and move on. It’s a whole other to respond to the situation with a proactive, forward-facing response — not only solving the existing issues but preparing the entire organization for the future. DISH Network did just that, responding to a significant security incident with new, shift-left initiatives that made their security and development teams stronger than ever.

CVE-2024-0204, a critical authentication bypass exploit in Fortra's GoAnywhere Managed File Transfer (MFT) software, allows unauthorized users to create admin users and bypass authentication requirements. GoAnywhere MFT was previously targeted by the Clop ransomware group with CVE-2023-0669. Fortra released a security advisory for CVE-2024-0204 in January 2024 following their December 2023 patch release. Any use of Fortra GoAnywhere MFT versions predating 7.4.1 are affected by the vulnerability.

Technical vulnerabilities are areas of weakness in your source code or infrastructure that attackers could potentially exploit. It’s important for your business to address its technical vulnerabilities to protect itself from these types of threats, in addition to gaining or maintaining compliance with SOC 2 and ISO 27001. ‍ For many of these standards, you’re required to have vulnerability scanners running to ensure you’re continuously monitoring for new threats.

Most WAF providers rely on reactive methods, responding to vulnerabilities after they have been discovered and exploited. However, we believe in proactively addressing potential risks, and using AI to achieve this. Today we are sharing a recent example of a critical vulnerability (CVE-2023-46805 and CVE-2024-21887) and how Cloudflare's Attack Score powered by AI, and Emergency Rules in the WAF have countered this threat.