Insights

If you were to look at a stock image of a hacker, it would show a hooded figure hunched over the desk who’s lost in the sea of green text and numbers that flash across the screen.

As 2024 draws to a close, numerous high-profile cyber incidents have dominated the headlines. With only two and a half months remaining and the Christmas season approaching, it's likely we'll see even more before year’s end. In this blog, the Integrity360 Incident Response team explores some of the most significant cyber attacks of the year... so far.

Overview: Ivanti has released updates for Ivanti CSA (Cloud Services Application) which addresses a medium severity and two high severity vulnerabilities. Exploiting these vulnerabilities effectively enables remote attackers to execute SQL statements through SQL injection, run arbitrary code via command injection, and bypass security restrictions by taking advantage of a path traversal weakness in vulnerable CSA gateways, which provide secure access to internal network resources for enterprise users.

In the spirit of Cyber Security Awareness Month, Integrity360 is calling for businesses to look beyond basic cyber security measures. As cyber threats evolve, traditional techniques like strong passwords and periodic software updates leave organisations vulnerable to more sophisticated attacks. 

For many, presenting cyber security requirements to the board has often felt like an uphill battle, especially when it comes to regulatory frameworks. With the introduction of the NIS2 Directive, this dynamic has become even more pressing. While CISOs are acutely aware of the potential risks of non-compliance, boards may still struggle to grasp the urgency or allocate the necessary resources. Bridging this gap is essential for businesses to meet the new regulatory requirements and safeguard their operations.

In today's digital-first world, cloud security is more critical than ever. Microsoft Defender for Cloud Apps (MDCA) offers a comprehensive and intelligent solution for securing cloud environments. At Integrity360, we help organisations harness its full potential. From tailored implementation and integration to ongoing monitoring, compliance management, and optimisation, our managed services ensure your cloud infrastructure is secure, compliant, and resilient against threats.

Fortinet –  CVE-2024-23113 (CVSS score: 9.8)

This vulnerability was initially published on 08 February 2024.

Data security is and will always be one of the top priorities for every organisation. It’s not just a valuable asset - it’s high-risk and often the primary target for threat actors. The risk of exposure has grown significantly as data moves into cloud apps. Consider this: according to the 2024 AppOmni State of SaaS Security Report, 30% of 644 organisations surveyed suffered a data breach in their SaaS applications last year

Organisations across Europe are bracing for the full implementation of the NIS2 Directive (Network and Information Systems Directive 2). This updated legislation, which strengthens the security requirements for critical infrastructure, will become applicable by 18th October 2024. While it is an EU directive, its impact extends beyond the EU borders, affecting UK-based companies as well, despite the UK no longer being an EU member. 

In the fast-paced realm of cyber security, it's easy to assume that as new technologies emerge, the old ones fall away. Does this really apply to Cloud Security Posture Management (CSPM), with some questioning whether it's still relevant. Is CSPM dead, as some would suggest, or has it simply evolved into a more complex form? The short answer: CSPM is very much alive, but it now operates within a broader framework. Let’s explore what CSPM was designed to do, how it’s now integrated into Cloud-Native Application Protection Platforms (CNAPP), and why it remains the foundation for many of your cloud security challenges. 

In today's digital world, cyber security threats evolve at an alarming rate, making it increasingly difficult for businesses to keep up. Traditional methods such as Penetration Testing or Red Team Testing are often limited to one-off or periodic engagements, which while essential and valuable, may leave gaps in continuous visibility of exposure. This is where Continuous Threat Exposure Management (CTEM) steps in, offering a proactive, cyclical approach to ensure businesses are always ahead of the curve.  

Overview: A newly reported vulnerability in the Common Unix Printing System (CUPS) poses a significant security threat to UNIX-based systems, including Linux and macOS. Security researcher Simone Margaritelli has published the first of a series of blog posts detailing the issue, which can be exploited by sending a specially crafted HTTP request to the CUPS service. This vulnerability allows remote attackers to gain access to affected systems and execute arbitrary code, potentially escalating privileges and compromising critical assets.