GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions https://firewall.firm.in/wp-content/uploads/2024/09/git.png Sep 19, 2024Ravie LakshmananEnterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an ...

23andMe settles data breach lawsuit for $30 million – ET CISO https://etimg.etb2bimg.com/thumb/msid-113347692,imgsize-84402,width-1200,height=765,overlay-etciso/data-breaches/23andme-settles-data-breach-lawsuit-for-30-million.jpg 23andMe will pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year. The accord also resolves accusations that ...

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability https://firewall.firm.in/wp-content/uploads/2024/09/it-admin.png Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain ...

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT https://firewall.firm.in/wp-content/uploads/2024/09/zscaler.png Sep 09, 2024Ravie LakshmananFinancial Security / Malware The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) referred to as Quasar RAT since June 2024. “Attacks have ...

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout https://firewall.firm.in/wp-content/uploads/2024/09/one.png Sep 09, 2024The Hacker NewsData Protection / Threat Detection The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach ...

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks https://firewall.firm.in/wp-content/uploads/2024/09/airgap.png Sep 09, 2024Ravie LakshmananVulnerability / Hardware Security A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai ...

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware https://firewall.firm.in/wp-content/uploads/2024/09/jeo.jpg Sep 06, 2024Ravie LakshmananCryptocurrency / APT Attack A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote ...

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation https://firewall.firm.in/wp-content/uploads/2024/09/sonic.jpg Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of ...

FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals https://firewall.firm.in/wp-content/uploads/2024/09/lock.jpg Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and ...

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams https://firewall.firm.in/wp-content/uploads/2024/09/korea.jpg Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a ...