Ensuring adherence to GDPR, the ANY RUN sandbox service employs TLS 1.3 for data in transit and AES-256 for data at rest; it is hosted in Germany and provides supplementary tools, predominantly for enterprise plans, to empower users with greater control over their data. When working in an ANY.RUN sandbox, where you frequently need to submit sensitive files for evaluation, the prospect of handing your data to a third party could be daunting. According to the details, ANY.RUN service appears to adhere to a security framework in line with the AICPA Trust Services Criteria. ANY.RUN’s Enterpri ..read more

Security Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection Workshop, a complimentary offering designed to assist organizations in selecting the most suitable operational technology (OT) and Extended Internet of Things (XIoT) security tools for their unique environments.  Led by seasoned OT/XIoT security consultants, the workshop provides participants with an invaluable opportunity to gain insights into both best-in-class and novel solutions and identify those closest to their specific needs. In today’s increasingly interconnected digital landscape, choosing the ..read more

A critical vulnerability in CrushFTP, identified as CVE-2024-4040, has been actively exploited in the wild. It allows attackers to perform unauthenticated remote code execution on vulnerable servers. This severe security flaw affects versions of CrushFTP before 10.7.1 and 11.1.0, enabling attackers to bypass the Virtual File System (VFS) sandbox, gain administrative privileges, and potentially access sensitive files or execute arbitrary code remotely. Document Free Webinar : Live API Attack Simulation 94% of organizations experience security problems in production APIs, and one in five suffers ..read more

Veeam Service Provider console has been discovered with two critical vulnerabilities that were associated with Remote Code Execution. A CVE for these vulnerabilities is yet to be assigned. These vulnerabilities exist in version 7.x and version 8.x of the Veeam Service Provider Console. Document Free Webinar : Live API Attack Simulation 94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise: Key Takeaways: An exploit of OWASP API T ..read more

A new critical vulnerability has been discovered in PDF.js, which could allow a threat actor to execute arbitrary code when opening a malicious PDF. PDF.js allows browsers to render PDF files without any plugins or external software.  This vulnerability affects multiple browsers and applications that use React-PDF. An interesting fact is that Mozilla PDF.js is the original open-source library that focuses on rendering PDF documents within a browser, and the React-PDF PDF.js is built upon Mozilla PDF.js and used for integrating PDF.js into React applications. With millions of users using P ..read more

Juniper Threat Labs has reported active exploitation attempts targeting vulnerabilities in Ivanti Pulse Secure VPN appliances. These vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have been exploited to deliver the Mirai botnet, among other malware, posing a significant threat to network security worldwide. Document Free Webinar : Live API Attack Simulation 94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise ..read more

Hackers are now using steganography techniques to distribute the notorious Remote Access Trojan (RAT) known as RemcosRAT. This method, which involves hiding malicious code within seemingly innocuous image files, marks a concerning evolution in malware delivery tactics. The Initial Breach: Word Documents and RTF Files The attack begins with a seemingly harmless Word document that contains an external link. This document employs a template injection technique designed to exploit vulnerabilities within the document’s processing. The AhnLab Security Intelligence Centre (ASEC) has recently found th ..read more

Google has announced an update to its two-factor authentication (2FA) process, also known as 2-step Verification (2SV), aimed at simplifying the setup and making it easier for users to secure their accounts. The changes rolled out on Monday, May 6, 2024, will affect both personal and Google Workspace accounts. One of the key changes is the elimination of the requirement to provide a phone number before adding an authenticator app or hardware security key as the second verification step. Document Integrate ANY.RUN in Your Company for Effective Malware Analysis Are you from SOC, Threat Research ..read more

Hunters, the pioneer in modern SOC platforms, today announced its full adoption of the Open Cybersecurity Schema Framework (OCSF), coupled with the launch of groundbreaking OCSF-native Search capability. This strategic advancement underscores Hunters’ commitment to standardizing and enhancing cybersecurity operations through open, integrated data sharing frameworks. Uri May, CEO of Hunters, explained the strategic significance of this move, stating, “Adopting OCSF as our primary data model represents a transformative step in our journey to elevate cybersecurity operations. Alongside this, our ..read more

Chinese state-sponsored hackers are highly sophisticated, leveraging advanced techniques and vast resources to conduct cyber espionage and steal sensitive data from Western governments, militaries, and critical infrastructure. The British government is expected to announce that personal details of UK military personnel were targeted in a cyber attack suspected to be carried out by Chinese state-sponsored hackers.  While the hack impacted an IT system of a UK Ministry of Defence contractor, it did not breach the central network of the MoD. Defence Contractor’s IT System Hacked Sky News lea ..read more