Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens

Vulnerability disclosure: Legal risks and ethical considerations for researchersIn this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity.
How passkeys are reshaping user security and convenienceIn this Help Net Security interview, Anna Pobletts, Head of Passwordless at 1Password, talks about passkey adoption and its acceleration in 2024.
Strategies for cultivating a supportive culture in zero-trust adoptionIn this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability.
Bridging the risk exposure gap with strategies for internal auditorsIn this Help Net Security interview, Richard Chambers, Senior Internal Audit Advisor at AuditBoard, discusses the transformational role of the internal audit function and risk management in helping organizations bridge the gap in risk exposure.
AWS Kill Switch: Open-source incident response toolAWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident.
Vigil: Open-source LLM security scannerVigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models.
It integrates multiple services, providing security researchers with rapid access to a broad range of information.
PoC for Splunk Enterprise RCE flaw releasedA proof-of-concept exploit for a high-severity flaw in Splunk Enterprise that can lead to remote code execution has been made public.
Critical ownCloud flaw under attackAttackers are trying to exploit a critical information disclosure vulnerability in ownCloud, a popular file sharing and collaboration platform used in enterprise settings.
Okta breach: Hackers stole info on ALL customer support usersThe scope of the recent breach of the Okta customer support system is much wider than initially established, the company has admitted on Tuesday: the attackers downloaded a report that contained the names and email addresses of all Okta customer support system users.
PoCs for critical Arcserve UDP vulnerabilities releasedArcserve has fixed critical security vulnerabilities in its Unified Data Protection solution, PoCs for which have been published by Tenable researchers on Monday.
Google fixes Chrome zero day exploited in the wildGoogle has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability that is being actively exploited in the wild.
In the face of an increasingly nimble attacker community and an overall jump in attack sophistication, this balance has tipped towards a more urgent need for rapid security responsiveness.
Security leaders on high alert as GenAI poses privacy and security risksIn this Help Net Security video, Neil Cohen, Head of Go-To-Market at Portal26, discusses why security leaders are concerned about GenAI privacy and security risks.
Guarding the gateway: Securing dispersed networksIn this Help Net Security video, Martin Roesch, CEO of Netography, discusses why the shift is happening now, the top challenges organizations face to secure their dispersed networks, and how to successfully evolve with and secure today's networks.
Enterprises prepare for the inevitable cyber attackIn this Help Net Security video, Rahul Pawar, Global VP of Security Go-To-Market, CTO of Global Services & Solutions at Commvault, discusses why business leaders must play a key role in ensuring companies prioritize cyber preparedness.
What custom GPTs mean for the future of phishingIn this Help Net Security video, Tal Zamir, CTO of Perception Point, believes this will be a powerful tool malicious actors will use to amp up phishing campaigns, as they'll gain an efficient way to boost customized phishing email output beyond their use of traditional ChatGPT. Key drivers of software security for financial servicesIn this Help Net Security video, Chris Eng, Chief Research Officer at Veracode, discusses how financial organizations would benefit from increased automation and secure coding techniques to help them prevent, detect, and respond to vulnerabilities faster than ever.
Report: The state of authentication security 2023This survey set out to explore these challenges, to identify common practices, and to provide insight into how organizations can bolster their defenses.
Generative AI security: Preventing Microsoft Copilot data exposureCopilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on.
Product showcase: New ESET Home SecurityESET HOME Security subscriptions are available on all major operating systems -Windows, macOS, Android, and iOS. With the new offering, ESET introduces two groundbreaking features to bolster online security and privacy-VPN and Identity Protection.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 03 Dec 2023 09:13:04 +0000


Cyber News related to Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens

Okta: Breach Affected All Customer Support Users - When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of ...
1 year ago Krebsonsecurity.com
Using Falco to Create Custom Identity Detections - Recent months have witnessed a surge in attacks targeting popular identity providers like Okta, underscoring the critical need for timely and effective detection capabilities. Open-source Falco offers a Dedicated plugin for the Okta identity ...
11 months ago Feeds.dzone.com
Okta Breach Widens to Affect 100% of Customer Base - Thus, Okta is warning all of its customers to be prepared for similar phishing and social engineering cyber-scams. "Given that names and email addresses were downloaded, we assess that there is an increased risk of phishing and social engineering ...
1 year ago Darkreading.com
CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
5 years ago
CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
5 years ago
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
5 months ago Securityweek.com
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
5 months ago Packetstormsecurity.com
5,000 Okta employees' data accessed in a third-party breach The Register - Updated Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical ...
1 year ago Theregister.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens - Vulnerability disclosure: Legal risks and ethical considerations for researchersIn this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in ...
1 year ago Helpnetsecurity.com
OneLogin vs. Okta: Which IAM Solution Is Better? - OneLogin and Okta are two industry-leading identity and access management platforms used to secure user access to corporate resources and manage information about user identity. OneLogin and Okta are enterprise-grade IAM platforms offering security ...
8 months ago Techrepublic.com
Experts released PoC exploit code for RCE in Fortinet SIEM - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Crowdfense is offering a larger 30M USD exploit acquisition program. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. PoC ...
6 months ago Securityaffairs.com
Okta says data leaked on hacking forum not from its systems - Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single ...
8 months ago Bleepingcomputer.com
Okta warns of credential stuffing attacks targeting its CORS feature - Okta warns that a Customer Identity Cloud feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based ...
6 months ago Bleepingcomputer.com
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
5 months ago Securityaffairs.com
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
5 months ago Securityaffairs.com
Okta Hack: Threat Actors Stolen all Customer Data - In a pivotal update to the Okta security incident divulged in October 2023, Okta Security has unearthed additional intricacies surrounding the unauthorized intrusion into its customer support system. This revelation holds profound implications for ...
1 year ago Cybersecuritynews.com
Okta Admits All Customer Support Users Impacted By Breach - Okta has revealed that an October security breach compromised all users of its customer support system rather than a small subset as previously thought. CSO David Bradbury said last month that only 134 customers were impacted after a threat actor ...
1 year ago Infosecurity-magazine.com
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
5 months ago Securityaffairs.com
CVE-2022-32152 - Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured ...
2 years ago
CVE-2022-32153 - Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured ...
2 years ago
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
10 months ago Go.theregister.com
Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
10 months ago Techtarget.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)