Netizen Blog and News

The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.

recent posts

about

Category: Threat Intelligence

  • Netizen: Monday Security Brief (8/5/2024)

    Netizen: Monday Security Brief (8/5/2024)

    A DDoS attack caused a 10-hour global outage for Microsoft services, impacting various platforms and organizations. Chinese hackers targeted Japanese entities with advanced LODEINFO malware. Netizen offers advanced cybersecurity solutions, including “CISO-as-a-Service” and automated assessment tools for continuous system scanning and risk analysis, ensuring robust protection for businesses.

  • Netizen Cybersecurity Bulletin (July 31st, 2024)

    Netizen Cybersecurity Bulletin (July 31st, 2024)

    This content covers phishing tactics targeting Amazon users, EU scrutiny of Meta, and a federal recovery from a CrowdStrike outage. It advises caution with unsolicited links and attachments, scrutinizing messages, and not divulging personal information online. It also highlights Netizen’s cybersecurity solutions including CISO-as-a-Service and vulnerability assessments.

  • Netizen: July 2024 Vulnerability Review

    Netizen: July 2024 Vulnerability Review

    Netizen’s Security Operations Center (SOC) has identified five critical vulnerabilities from July that require immediate patching or remediation. These include high-severity issues in Microsoft’s Windows Hyper-V, SharePoint, Rejetto HTTP File Server, Azure Kinect SDK, and OpenSSH. Netizen provides advanced security solutions and services, including compliance support, vulnerability assessments, and automated assessment tools.

  • Operation Endgame: Multinational Cyber Operation Dismantles Criminal Network

    Operation Endgame: Multinational Cyber Operation Dismantles Criminal Network

    The Federal Bureau of Investigation (FBI) has announced the successful execution of Operation Endgame, a groundbreaking multinational cyber operation aimed at dismantling a sophisticated network of cybercriminals. This unprecedented initiative involved coordinated efforts from law enforcement agencies across the United States, Denmark, France, Germany, the Netherlands, the United Kingdom, and other countries, with crucial support…

  • Researchers Uncover Unfixable Vulnerability in All ARM CPUs

    Researchers Uncover Unfixable Vulnerability in All ARM CPUs

    In recent developments, a significant vulnerability has been identified in ARM’s Memory Tagging Extension (MTE), a security feature designed to mitigate memory corruption issues in the ARMv8.5-A architecture. This vulnerability exploits speculative execution, a performance optimization feature in modern CPUs, to bypass MTE’s protections and leak sensitive information. Understanding Memory Tagging Execution (MTE) MTE aims…

  • Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, and Jira

    Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, and Jira

    Atlassian has released crucial security updates for its Bamboo, Confluence, and Jira products, addressing high-severity vulnerabilities. These updates fix issues such as server-side request forgery (SSRF) and file inclusion vulnerabilities, as well as denial-of-service (DoS) flaws. Users are advised to apply these patches promptly to prevent unauthorized access and service disruptions.

  • Critical Vulnerabilities in Ivanti Endpoint Manager and Endpoint Manager for Mobile

    Critical Vulnerabilities in Ivanti Endpoint Manager and Endpoint Manager for Mobile

    Ivanti has addressed high-severity vulnerabilities in its Endpoint Manager (EPM) and Endpoint Manager for Mobile (EPMM) products. The most critical is an SQL injection flaw (CVE-2024-37381) affecting the Core server of EPM 2024 flat, allowing authenticated attackers with network access to execute arbitrary code. Hotfixes and updates are available for mitigation.

  • Security Flaw in Squarespace Migration Leads to Multiple Domain Hijackings

    Security Flaw in Squarespace Migration Leads to Multiple Domain Hijackings

    Between July 9 and July 12, 2024, multiple organizations using Squarespace as a domain registrar experienced domain hijackings, mainly targeting cryptocurrency businesses. Attackers exploited a flaw in Squarespace’s migration process from Google Domains to redirect domains to phishing sites. Users are advised to enhance security measures, such as enabling multi-factor authentication and reviewing user access.

  • Expanding on the OpenSSH Vulnerability: New Findings and Continued Risks

    Expanding on the OpenSSH Vulnerability: New Findings and Continued Risks

    On July 1, 2024, the cybersecurity community was made aware of the ‘regreSSHion’ (CVE-2024-6387) vulnerability in OpenSSH, enabling unauthenticated remote code execution on Linux systems. A subsequent related issue, CVE-2024-6409, also poses a risk. It’s crucial to promptly update OpenSSH, adjust configurations, restrict access, and monitor SSH activity to mitigate these high-severity vulnerabilities.

  • Hackers Reverse Engineer Ticketmaster Bypassing Anti-Scalping Measures on “Non-Transferable” Tickets

    Hackers Reverse Engineer Ticketmaster Bypassing Anti-Scalping Measures on “Non-Transferable” Tickets

    Scalpers are reverse-engineering ticket platforms like Ticketmaster and AXS to create and sell “non-transferable” tickets through their own systems, bypassing anti-scalping measures. They use websites or apps like Secure.Tickets and Amosa App to generate genuine tickets, prompting legal actions against them. The industry needs more secure ecosystems to prevent exploitation by scalpers.