Author: nlqip
Security researchers warn that many organizations have instances of insecure Apex code in their Salesforce deployments which open serious vulnerabilities that put their data and business workflows at risk. Researchers from security firm Varonis reported finding high and critical severity vulnerabilities in the Apex code used by multiple Fortune 500 companies and government agencies, but…
Read More
The wildfire spread of generative AI has already had noticeable effects, both good and bad, on the day-to-day lives of cybersecurity professionals, a study released this week by the non-profit ISC2 group has found. The study – which surveyed more than 1,120 cybersecurity pros, mostly with CISSP certification and working in managerial roles – found…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-004 DATE(S) ISSUED: 01/12/2024 OVERVIEW: A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning.…
Read More
Feb 23, 2024NewsroomSupply Chain Attack / Malware A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected…
Read MoreAIs Hacking Websites New research: LLM Agents can Autonomously Hack Websites Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomously as agents. With the rise in capabilities of…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited…
Read More
Prescription orders across the United States are reportedly being delayed after a cyber attack impacted a healthcare technology firm that supplies services to pharmacies, including CVS Health. Change Healthcare says that it experienced a “cyber security issue” on Wednesday 21 February, that caused it to experience “enterprise-wide connectivity issues” and forced it to shut down…
Read More
Check out my “live reaction” (isn’t that what all the kids post on social media these days?) to the much-hyped revelation of the identity of LockBit’s administrator. For more background on what’s been happening regarding law enforcement’s disruption of LockBit this week, be sure to check out this episode of the “Smashing Security” podcast. Sign…
Read More
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A customizable, vendor-agnostic tool featuring lists of automation opportunities, it’s been shared and recommended…
Read More
Feb 23, 2024NewsroomRed Teaming / Artificial Intelligence Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to “enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances,”…
Read More