Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A stored XSS vulnerability was discovered in BlogHub, a plugin in the CMS October. This article explores the vulnerability, its impact, and current status in detail.

An authentication bypass vulnerability, tracked as CVE-2024-0204, was discovered in Fortra's GoAnywhere MFT versions prior to 7.4.1 and allows an unauthorized user to create an admin user via the administration portal. This vulnerability has a CVSS score of 9.8 with a high potential for exploitation, which we expect to see in the short term due to a proof of concept (PoC) being available. Fortra informed customers on December 4, 2023, of the flaw via an internal forum post.

Atlassian recently disclosed a new critical vulnerability in its Confluence Server and Data Center product line, the CVE has a CVSS score of 10, and allows an unauthenticated attacker to gain Remote Code Execution (RCE) access on the vulnerable server. There is no workaround, the only solution being to upgrade to the latest patched versions.

On January 10th, 2024, Volexity reported that there is active exploitation in the wild against Ivanti Connect Secure (ICS) VPN devices. Ivanti and Volexity worked together to review impacted devices, and Volexity identified two different zero days, which have been assigned the following CVEs IDs.

Bug bounty hunting is a process where security researchers or hackers actively search for and identify security vulnerabilities or "bugs" in web applications, IoT devices, mobile applications, or even smart contracts. These vulnerabilities can range from relatively simple issues like cross-site scripting (XSS) or SQL injection to more complex and critical weaknesses that could potentially compromise the security and privacy of users' data.

I’ll be honest – the last time someone asked me to assess my behavior was in therapy. Difficult? Yes. Who likes to audit themselves? But that process taught me something valuable: evaluating ourselves, even when uncomfortable, propels us forward. In my many conversations with security professionals, one common theme emerges. We need continuous progress forward as security organizations for the business.

CVE-2024-0204, a critical authentication bypass exploit in Fortra's GoAnywhere Managed File Transfer (MFT) software, allows unauthorized users to create admin users and bypass authentication requirements. GoAnywhere MFT was previously targeted by the Clop ransomware group with CVE-2023-0669. Fortra released a security advisory for CVE-2024-0204 in January 2024 following their December 2023 patch release. Any use of Fortra GoAnywhere MFT versions predating 7.4.1 are affected by the vulnerability.

Technical vulnerabilities are areas of weakness in your source code or infrastructure that attackers could potentially exploit. It’s important for your business to address its technical vulnerabilities to protect itself from these types of threats, in addition to gaining or maintaining compliance with SOC 2 and ISO 27001. ‍ For many of these standards, you’re required to have vulnerability scanners running to ensure you’re continuously monitoring for new threats.