Armis has purchased a security prioritization and remediation vendor led by a Goldman Sachs veteran to more effectively address vulnerabilities and misconfigurations with AI and automation.

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.

Czech transport minister Martin Kupka confirmed that Russia-linked threat actors conducted “thousands of attempts to weaken our systems” since the beginning of the Russian invasion of Ukraine.

The previously unreported backdoor, dubbed ‘Kapeka’, has a high level of stealth and sophistication, designed to both serve as an early-stage toolkit for its operators, and also to provide long-term access to the victim estate.

A measure led by two House Republicans would enable the Environmental Protection Agency to certify a governing body to develop and recommend cybersecurity requirements for water treatment and wastewater systems.

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The vulnerability (CVE-2023-22518) allows an unauthenticated attacker to reset Confluence and create an administrator account.

Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.

According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.

Recently, FortiGuard Labs observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant.

Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls.