Author: nlqip

Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6.  A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190–detailed in a Sept. 13 Ivanti security advisory–to take control of an affected system. This vulnerability impacts all versions prior to patch 519.…

Read More

Image: MidjourneyToday, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) vulnerability in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this path traversal security flaw allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure access to internal network…

Read More

Written by ARC Labs contributors, John Dwyer and Eric Gonzalez In cybersecurity, the threats we don’t see—or don’t expect—often pose the greatest danger. Recently, this became all too clear when three unmanaged AIX servers, sitting exposed on the internet, opened the door for a China-Nexus Threat Actor to launch an attack. What may seem like obscure, legacy…

Read More

Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70% of…

Read More

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…

Read More

Two months after the massive IT outage caused by a CrowdStrike update, ‘customers still want to consolidate on the Falcon platform,’ according to a Morgan Stanley analyst. Two months after the massive IT outage caused by a faulty CrowdStrike update, customers remain interested in expanding their usage of the company’s cybersecurity offerings, according to a…

Read More

Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. Passkeys, which use biometric authentication such as fingerprints, facial recognition, or screen locks, provide a more secure and convenient alternative to traditional passwords, significantly reducing the risk of data breaches.…

Read More

A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data. The FTC’s findings were released after a probe that began in December 2020 and…

Read More

Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said. Targets of the emerging…

Read More

Onboarding new employees is an important time for any organization — after all, it’s your opportunity to integrate new team members into your company and its culture. But the onboarding time frame also creates a unique set of security risks as you share sensitive information with people who are new to the organization.  This article…

Read More