π¨ Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure π¨
π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure ICS and Ivanti Policy Secure IPS gateways CVE202346805, CVE202421887, CVE202421888 and CVE202421893, and follow the latest vendor advice.π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
www.ncsc.gov.uk
Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893, CVE-2024-22024), and followβ¦
π¨ Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure π¨
π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure ICS and Ivanti Policy Secure IPS gateways CVE202346805, CVE202421887, CVE202421888 and CVE202421893, and follow the latest vendor advice.π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
www.ncsc.gov.uk
Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893, CVE-2024-22024), and followβ¦
π§ Data security posture management vs cloud security posture management π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
A data breach has just occurred, is a phrase no security professional wants to hear. From the CISO on down to the SOC analysts, a data breach is the definition of a very bad day. It can cause serious brand damage and financial loss for enterprises, lead to abrupt career changes among security professionals, and The post Data security posture management vs cloud security posture management appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Data security posture management vs cloud security posture management
Data security is a top priority. Explore the similarities and differences between cloud security and data security posture management and how they work to keep your data safe.
π¦
GhostSec Continues to Extend their Support for Cyber Threat Actors and Hacktivists π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
CRIL raises concerns about the rise in GhostSec's activities supporting threat actorshacktivists and their newly launched project, which aims to raise funds to help them anonymize their identities. The post GhostSec Continues to Extend their Support for Cyber Threat Actors and Hacktivists appeared first on Cyble. The post GhostSec Continues to Extend their Support for Cyber Threat Actors and Hacktivists appeared first on Cyble.π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
GhostSec Expands Support For Cyber Threat Actors
GhostSec's new Low-Cost-Database project aims to raise funds for hacktivists seeking anonymity, posing challenges for cybersecurity and law enforcement.
π¦Ώ Limited Time Deal: a Lifetime of Powerful VPN Protection is Just $35 Through 2/4 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Get the ultimate online protection of privacy and security for up to five devices, including speedy servers, unlimited bandwidth, kill switch and more.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Limited Time Deal: a Lifetime of Powerful VPN Protection is Just $35 Through 2/4
Get the ultimate online protection of privacy and security for up to five devices, including speedy servers, unlimited bandwidth, kill switch and more.
ποΈ Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti is alerting of two new highseverity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows CVE202421888 CVSS score 8.8 A privilege escalation vulnerability in the web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Recognizing Security as a Strategic Component of Business π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
In today's environments, security can be a revenue enabler, not just a cost center. Organizations should take advantage of the opportunities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Recognizing Security as a Strategic Component of Business
In today's environments, security can be a revenue enabler, not just a cost center. Organizations should take advantage of the opportunities.
π1
π Sysdig Report Exposes 91% Failure in Runtime Scans π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The research also revealed 69 of enterprises have yet to integrate AI into cloud environments.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Sysdig Report Exposes 91% Failure in Runtime Scans
The research also revealed 69% of enterprises have yet to integrate AI into cloud environments
π΅οΈββοΈ Dubai Cyber Force Names First Accredited Companies π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The initiative has named the first eight companies approved to cybersecure the Dubai government.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Dubai Cyber Force Names First Accredited Companies
The initiative has named the first eight companies approved to cyber-secure the Dubai government.
π US Senators Propose Cybersecurity Agriculture Bill π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Farm and Food Cybersecurity Act has crossparty support and aims enhance the US agriculture sectors cyber defenses.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Senators Propose Cybersecurity Agriculture Bill
The Farm and Food Cybersecurity Act has cross-party support and aims enhance the US agriculture sectorβs cyber defenses
π EU Launches First Cybersecurity Certification for Digital Products π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The voluntary scheme aims to encourage ICT providers to boost the cybersecurity of products and services across the EU.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
EU Launches First Cybersecurity Certification for Digital Products
The voluntary scheme aims to encourage ICT providers to boost the cybersecurity of products and services across the EU
π Pawn Stormβs Stealthy Net-NTLMv2 Assault Revealed π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Trend Micro reported recent attacks focused on government sectors, including foreign affairs, energy, defense and transportation.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Pawn Stormβs Stealthy Net-NTLMv2 Assault Revealed
Trend Micro reported recent attacks focused on government sectors, including foreign affairs, energy, defense and transportation
π OpenSSL Toolkit 3.2.1 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide. The latest stable version is the 3.2 series supported until 23rd November 2025.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
OpenSSL Toolkit 3.2.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π OpenSSL Toolkit 3.1.5 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide. The 3.1 series is supported until 14th March 2025.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
OpenSSL Toolkit 3.1.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π OpenSSL Toolkit 3.0.13 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide. The 3.0 series is a Long Term Support LTS version and is supported until 7th September 2026.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
OpenSSL Toolkit 3.0.13 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΅οΈββοΈ Looted RIPE Credentials for Sale on the Dark Web π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A monitoring exercise identified user details in 716 compromised RIPE NCC accounts, plus other valuable credentials belonging to those victims.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Looted RIPE Credentials for Sale on the Dark Web
A monitoring exercise identified user details in 716 compromised RIPE NCC accounts, including other valuable credentials belonging to those victims.
π¦Ώ What Is Cyber Threat Hunting? (Definition & How it Works) π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Cyber threat hunting is the proactive process of searching for and detecting potential threats or malicious activities within a network or system.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
What Is Threat Hunting In Cybersecurity?
Cyber threat hunting is the proactive process of searching for and detecting potential threats or malicious activities within a network or system.
π΅οΈββοΈ More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Both Chinabacked APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.
ποΈ RunC Flaws Enable Container Escapes, Granting Attackers Host Access ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage followon attacks. The vulnerabilities, tracked as CVE202421626, CVE202423651, CVE202423652, and CVE202423653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. "These container.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Johnson Controls Ransomware Cleanup Costs Top $27M and Counting π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
JCI's latest SEC filing notes that its smartfactory installations weren't compromised, allaying physical security fears.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Johnson Controls Ransomware Cleanup Costs Top $27M & Counting
JCI's latest SEC filing notes that its smart-factory installations weren't compromised, allaying physical security fears.
π΅οΈββοΈ 'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloudnative developer worldwide.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally
The four security vulnerabilities are found in Docker and beyond, and one affecting runC impacts essentially every cloud-native developer worldwide.