Insights

Fortinet –  CVE-2024-23113 (CVSS score: 9.8)

This vulnerability was initially published on 08 February 2024.

Overview: A newly reported vulnerability in the Common Unix Printing System (CUPS) poses a significant security threat to UNIX-based systems, including Linux and macOS. Security researcher Simone Margaritelli has published the first of a series of blog posts detailing the issue, which can be exploited by sending a specially crafted HTTP request to the CUPS service. This vulnerability allows remote attackers to gain access to affected systems and execute arbitrary code, potentially escalating privileges and compromising critical assets.

The legal sector has seen a dramatic 77% increase in successful cyber attacks over the past year, with incidents rising from 538 in 2022/23 to 954 in 2023/24. This rise is largely due to the sensitive and valuable nature of the information that law firms hold, making them prime targets for cybercriminals.

The PCI Council has released valuable insights on Vulnerability Scans & ASV Guidance, particularly beneficial for SAQ A merchants.

In a recent incident, a prominent cyber security company discovered they had inadvertently hired a North Korean operative posing as an IT professional. This individual, using various AI tools, managed to infiltrate the company by joining as an employee, accessed its systems and attempted to plant malware. The incident has brought to light the increasing sophistication of cyber threats during the recruitment process. If a major cyber security firm can fall victim, other less security-savvy organisations face even greater risks and underscores the necessity for robust verification processes and heightened vigilance in recruitment.

Crowdstrike have now published their preliminary post incident report (PIR) into the issue that impacted 8.5m Windows hosts. Their preliminary report is available in full on the CrowdStrike website:https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/)

Issue Overview and Impact

Palo Alto Networks has disclosed a critical (CVSS10) command injection vulnerability in Global Protect Gateway, which is the VPN component of PAN-OS powered networking appliances.

2023 has been another tumultuous year for cyber security, with a number of high-profile breaches and incidents making headlines around the world. From state-sponsored cyber-attacks to extortion campaigns, it’s clear that the threat landscape is constantly evolving. In this blog post, we take a look at some of the most reported on incidents of 2023. 

Today is Computer Security Day so what better time to take a closer look at a hot topic in the realm of cyber security, Threat Exposure Management.

With Microsoft Windows having a 74% share of the desktop OS market worldwide, it's a pivotal platform within most organisations' IT environments. Furthermore, considering that four out of every five Fortune 500 companies harness the power of Microsoft Office 365—nearly half of the office productivity software market—it’s clear why securing the Microsoft ecosystem is so crucial. 

Background On The Vulnerability: