Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product.
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state.
Leveraging AI and automation for enhanced security operations
In this Help Net Security interview, Michelle Weston, VP of Security & Resiliency at Kyndryl, discusses the key challenges in security operations and how to address them.
Future trends in cyber warfare: Predictions for AI integration and space-based operations
In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors.
CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0
In this Help Net Security interview, Kunal Modasiya, VP of Product Management and Growth at Qualys, explores the key features, significant advantages, and innovative technologies behind Qualys CyberSecurity Asset Management 3.0.
Gitleaks: Open-source solution for detecting secrets in your code
Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories.
Zeek: Open-source network traffic analysis, security monitoring
Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform.
Cybersecurity jobs available right now: June 26, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
Largest Croatian hospital under cyberattack
The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday night, the Croatian Radiotelevision has reported.
PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)
A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online.
Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection.
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them complete control over WordPress installations / websites.
Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach
Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services.
Why are threat actors faking data breaches?
Generative AI tools like ChatGPT can be easily used to generate fake data complete with realistic data sets that include email formats from a real company along with local telephone numbers, and more
Enterprises increasingly turn to cloud and AI for database management
In this Help Net Security video, Ryan Booz, PostgreSQL Advocate at Redgate, discusses the key findings of Redgate’s State of the Database Landscape Report.
1 out of 3 breaches go undetected
Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing security tools were unable to detect breaches when they occur, according to Gigamon.
Securing the video market: From identification to disruption
In this Help Net Security video, Chris White, Chief Architect at Friend MTS, discusses monitoring, identifying, and disrupting piracy for the video market.
75% of new vulnerabilities exploited within 19 days
Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, according to Skybox Security.
Developer errors lead to long-term exposure of sensitive data in Git repos
Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s latest research.
Guide to mitigating credential stuffing attacks
Review this whitepaper to understand credential stuffing and how to defend against it.
New infosec products of the week: June 28, 2024
Here’s a look at the most interesting products from the past week, featuring releases from ARMO, Cofense, Datadog, and eSentire.