Q3 2024 Evolution of Software Supply Chain Security Report via the Phylum Research Team - https://lnkd.in/eUPCGNPA #maliciouspackages #npm #opensourceecosystem #DevOps #CISO #AppSec #acceptableuse #softwaresupplychainsecurity #CybersecurityAwarenessMonth #CyberSecurity
Phylum’s Post
More Relevant Posts
-
Check out our latest blog on GitLab Patches Critical SAML Authentication Bypass Vulnerability and our recommendations. https://lnkd.in/gk-CuSTP #cybersecurity #cyberawareness #cyberthreats #cyberdefense #malware #vmware #pickle #threats #malicious #attacks #usertracking #tracking #excobalt #windows #android #botnet #macos #data #exfiltration #badspace #hackerscard #wordpress #scattered #website #authentication #cybergang #vulnerability #privacy #critical #cyberattack #databreach #cyber #cybercriminals #gitlab #patches #saml
-
You Cannot Secure an Application if it is Siloed!

Nowadays, adversaries are targeting CI/CD pipelines, which are the most vulnerable part of the application journey, as this is where an application is first built and then pushed into the cloud. This entire journey needs to be as secure as the code itself. Frequent attacks like these gave birth to code security, which involves finding, fixing, and preventing security vulnerabilities at the development stage. It became part of the software development process.

Unfortunately, code security came with its own set of problems. It brought a whole host of different tools like SAST, DAST, IAST, Source Code Review, Software Supply Chain Security, SCA, Secrets Management, and SBOM. The problem we see with the use of all these tools is that it creates silos in an organization’s security apparatus, since all the individual solutions are provided by different vendors. This fosters a negative culture where individual vendors don’t interact and communicate with each other, because their work is separate from one another.

To remedy this problem, Invinsense consolidated all security tools into one single platform, which streamlined the code security process: organizations will no longer need different vendors to perform the various code security processes (SAST, SCA, DAST, IAST, Source Code Review, Software Supply Chain Security, Secrets Management, and SBOM), as everything is now done from one single platform. This prevents siloing, which gives the application much better security.

Secondly, many DevSecOps vendors only focus on finding issues but don’t do anything to rectify them. Invinsense DevSecOps goes one step further by not only finding different types of vulnerabilities but also patching them.

These are some useful excerpts from our blog on code security. Click on the link below if you want to learn more about this topic.
https://lnkd.in/d4hDrpv9 #SoftwareSupplyChainAttacks #CodeSecurity #Invinsense #Cybersecurity #DevSecOps #AppSec #Security #CloudSecurity
-
APIs are the backbone of modern software development; however, amidst all this innovation lies a silent menace: the prevalence of unknown APIs. These APIs, often lurking beyond sanctioned channels, pose significant security risks to organizations. Read the full article about the danger of unknown APIs here: https://lnkd.in/e_CSspmY #developers #Code #API #Cybersecurity #Security
-
🚨 Attention IT pros and cybersecurity warriors! 🚨 GitLab just dropped a bombshell with patches to plug a nasty loophole affecting both the free-spirited Community Edition (CE) and the big boss Enterprise Edition (EE). 💣💻

What's the buzz all about? Let me break it down for you in simple bytes 👩‍💻:

- THE GIST: A sneaky vulnerability in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0) is the villain of the piece, paving the way for a crafty attacker to waltz in, posing as anyone they fancy within the vulnerable system. 😏
- THE FIX: Kudos to the vigilant maintainers who swooped in like cyber superheroes to save the day! 🦸‍♂️ They zapped this bug out of existence quicker than you can say cybersecurity breach.

Now, what does this mean for us tech warriors battling the forces of cyber evil on the daily grind? Here's some food for thought 🤔:

- LESSON LEARNED: It's a stark reminder that even the mightiest platforms like GitLab are not immune to the lurking dangers of cyber threats. Vigilance is key, folks! 🔒
- PREDICTION: With cyber attacks becoming more sophisticated by the nano-second, it's no longer a question of if but when the next big threat will strike. Stay sharp, stay ready! ⏱️
- HISTORY REPEATS: Remember the age-old wisdom - those who cannot remember the past are condemned to repeat it. Let's learn from this incident and armor up our defenses.

So, let's join forces, share insights, and fortify our cyber defenses together! 💪 Drop your thoughts below and let's chat! 🗣️ #ainews #automatorsolutions #cybersecurity #GitLab #vulnerability #technews #stayvigilant 💬🔐 #CyberSecurityAINews ----- Original Publish Date: 2024-09-18 22:36
-
URGENT: Critical GitLab Security Flaw Organizations using self-hosted GitLab with SAML-based authentication must update immediately! A severe vulnerability (CVE-2024-45409) could allow attackers to bypass authentication and access sensitive data. Don't wait—secure your systems now. Read more: https://lnkd.in/ggUt-hMj #CyberSecurity #GitLab #VulnerabilityAlert #CVE2024 #PatchNow #DataSecurity #TechNews #DevOps #SecurityUpdate #CyberThreat #SAML #DataProtection #AuthenticationBypass #CriticalVulnerability #GitLabSecurity
-
🔓 Two major vulnerabilities, in "GitHub Enterprise Server" and "QNAP QTS", have recently been identified, posing severe risks to widely used technologies.

🔻 CVE-2024-4985 in #GitHub Enterprise Server:
- Severity: Highest possible #CVSS score of 10.0.
- Impact: Enables attackers to bypass authentication mechanisms, potentially gaining administrative privileges and compromising sensitive data.
- Affected: GHES instances with SAML SSO configured with encrypted assertions.
- Action Required: Apply patches immediately for versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4.

🔻 CVE-2024-27130 in QNAP QTS:
- Severity: #RemoteCodeExecution (#RCE) #vulnerability with a Proof-of-Concept (#PoC) exploit available.
- Impact: Allows arbitrary code execution on affected QNAP NAS devices.
- Affected: #QTS, #QuTScloud, and #QuTS hero.
- Action Required: Apply updates included in QTS 5.1.6.2722 build 20240402 and QuTS hero h5.1.6.2734 build 20240414.

👀 Utilize SOCRadar’s Attack Surface Management (ASM) module for continuous monitoring and timely threat alerts. https://lnkd.in/dK2PvdTf #CyberSecurity #VulnerabilityManagement #SecurityAlert #Cybernews
-
The Evolution of Protection: Next-Gen Application Security Software. Click Here For More: https://lnkd.in/gkqFnYx7 #AppSec #CyberSecurity #SoftwareSecurity #InfoSec #DataProtection #DevSecOps #SecureCoding #ThreatDetection
-
12 Essential Tips for API Security - Every Backend Developer Must Know.

- Use HTTPS — Encrypt all communication.
- Use OAuth2 — Implement robust authentication.
- Adopt WebAuthn — Ensure secure and passwordless login.
- Leveled API Keys — Assign different access levels.
- Authorization — Control who can do what.
- Rate Limiting — Prevent abuse and protect resources.
- API Versioning — Manage changes and maintain stability.
- Whitelisting — Allow only trusted IPs or domains.
- Check OWASP API Security Risks — Stay informed of vulnerabilities.
- Use an API Gateway — Add a layer of governance and control.
- Error Handling — Don’t expose sensitive details.
- Input Validation — Always sanitize and validate data.

Securing your APIs isn’t optional—it’s foundational. #APISecurity #DevOps #CyberSecurity #BackendDevelopment #SecureAPIs Which of these are you implementing already? Let’s discuss! 🔐 Visual Image Credit: ByteByteGO
-
Four ways to reconcile developer and security teams https://buff.ly/3LprxYN #cybersecurity #hacking #security #technology #hacker
-
GitLab patched 17 bugs, including a critical flaw with a CVSS score of 9.9 that could let an attacker trigger a pipeline as an arbitrary user, leading to privilege escalation, data exfiltration, and a software supply chain compromise.

Security pros consider flaws in a CI/CD pipeline serious because the pipeline doesn’t just automate how developers create, test, and deploy applications; it helps teams find bugs early in the development process, which helps them turn out higher quality software. Nearly 30,000 companies worldwide use GitLab, with about 44% of them from the United States.

In its Sept. 11 advisory, GitLab said the critical flaw — CVE-2024-6678 — was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7; from 17.2 prior to 17.2.5; and from 17.3 prior to 17.3.2.

Callie Guenther, senior manager of cyber threat research at Critical Start, said while this vulnerability has not been observed in the wild yet, it bears strong similarities to recent high-profile attacks and tactics used by advanced persistent threat (APT) groups and cybercriminal gangs. Guenther, an SC Media columnist, pointed to the Codecov breach in 2021 that exposed the danger of a CI/CD pipeline compromise. Attackers modified a script in Codecov’s pipeline, which let them exfiltrate environment variables, credentials, and sensitive data. This attack had ripple effects, affecting multiple downstream organizations that relied on compromised builds.

“APTs such as APT29 (Cozy Bear) and Lazarus Group target these environments for long-term access and data manipulation,” said Guenther. “In the case of CVE-2024-6678, exploiting pipeline permissions could lead to widespread compromise of production software.”

Evan Dornbush, a former NSA cybersecurity specialist, explained that this bug is particularly insidious for three reasons. “First, an attacker can access all of the company’s source code, resulting in loss of intellectual property. Second, an attacker can introduce his/her own malicious code into the organization, resulting in the product being a source of vulnerability to the product’s users. Finally, an attacker can compel a vulnerable server to run malicious programs, resulting in the compromise of the underlying operating system.” https://lnkd.in/e3XF4Cp2