USN-7042-2: cups-browsed vulnerability

Read Time:27 Second

USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the
fix by removing support for the legacy CUPS printer discovery protocol
entirely.

Original advisory details:

Simone Margaritelli discovered that cups-browsed could be used to create
arbitrary printers from outside the local network. In combination with
issues in other printing components, a remote attacker could possibly use
this issue to connect to a system, created manipulated PPD files, and
execute arbitrary code when a printer is used. This update disables
support for the legacy CUPS printer discovery protocol.

Read More

Enhancing Cyber Resilience in the Financial Services Industry

Read Time:2 Minute, 24 Second

2024 Cyber Resilience Research Unveils Financial Services Industry Challenges

New data illuminates how financial services leaders can prioritize resilience.

 Financial services institutions find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to financial institutions.

Get your complimentary copy of the report

One of the foremost obstacles is the disconnect between senior executives and cybersecurity priorities. Despite recognizing cyber resilience as a crucial imperative, many financial services institutions struggle to secure the support and resources from top leadership. This lack of engagement hinders progress and leaves institutions vulnerable to potential breaches.

Meanwhile, technology continues to advance astonishingly, as do the risks posed by cyber threats. The 2024 LevelBlue Futures™ Report reveals this delicate balancing act between innovation and security within the financial services industry. Our comprehensive analysis identifies opportunities for deeper alignment between executive leadership and technical teams.

The Elusive Quest for Cyber Resilience in Financial Services

 

Imagine a world where financial services institutions are impervious to cyber threats—where every aspect of an operation is fortified against disruptions. This is the lofty ideal of cyber resilience, yet it remains an elusive goal for many financial services institutions. The rapid evolution of computing has transformed the IT landscape, blurring the lines between legacy systems, cloud computing, and digital transformation initiatives. While these advancements bring undeniable benefits, they also introduce unprecedented risks.

Our research indicates that 85% of finance respondents agree that dynamic computing increases their risk exposure. In a world where cybercriminals are becoming increasingly sophisticated, the need for cyber resilience has never been more urgent. From ransomware attacks to crippling DDoS incidents, financial institutions operate in a climate where a single breach can have catastrophic consequences.

Exploring the Relationship Between Leadership and Cyber Resilience

Our survey of 1,050 C-suite and senior executives, including 197 from the finance sector across 18 countries, highlights the pressing need for cyber resilience. The report is designed to foster thoughtful discussions about vulnerabilities and improvement opportunities.

In the report, you’ll:

Discover why financial services leaders and tech teams must prioritize cyber resilience.
Learn about the critical barriers to achieving cyber resilience.
Uncover the importance of business context and operational issues in prioritizing resilience.

Recognizing the Imperative of Cyber Resilience

 Financial services leaders are called to chart a course toward greater security and preparedness. Reacting to cyber threats as they arise is no longer enough; organizations must proactively bolster their defenses and cultivate a culture of resilience from within.

Our research delves into the multifaceted challenges facing financial services institutions in their quest for cyber resilience. From limited visibility into IT estates to the complexity of integrating new technologies with legacy systems, financial institutions grapple with deep-seated barriers that hinder their ability to withstand cyber threats.

Download the report today

Read More

Enhancing Cyber Resilience in the Financial Services Industry

Read Time:2 Minute, 24 Second

2024 Cyber Resilience Research Unveils Financial Services Industry Challenges

New data illuminates how financial services leaders can prioritize resilience.

 Financial services institutions find themselves at the intersection of progress and peril in the rapidly evolving digital landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to financial institutions.

Get your complimentary copy of the report

One of the foremost obstacles is the disconnect between senior executives and cybersecurity priorities. Despite recognizing cyber resilience as a crucial imperative, many financial services institutions struggle to secure the support and resources from top leadership. This lack of engagement hinders progress and leaves institutions vulnerable to potential breaches.

Meanwhile, technology continues to advance astonishingly, as do the risks posed by cyber threats. The 2024 LevelBlue Futures™ Report reveals this delicate balancing act between innovation and security within the financial services industry. Our comprehensive analysis identifies opportunities for deeper alignment between executive leadership and technical teams.

The Elusive Quest for Cyber Resilience in Financial Services

 

Imagine a world where financial services institutions are impervious to cyber threats—where every aspect of an operation is fortified against disruptions. This is the lofty ideal of cyber resilience, yet it remains an elusive goal for many financial services institutions. The rapid evolution of computing has transformed the IT landscape, blurring the lines between legacy systems, cloud computing, and digital transformation initiatives. While these advancements bring undeniable benefits, they also introduce unprecedented risks.

Our research indicates that 85% of finance respondents agree that dynamic computing increases their risk exposure. In a world where cybercriminals are becoming increasingly sophisticated, the need for cyber resilience has never been more urgent. From ransomware attacks to crippling DDoS incidents, financial institutions operate in a climate where a single breach can have catastrophic consequences.

Exploring the Relationship Between Leadership and Cyber Resilience

Our survey of 1,050 C-suite and senior executives, including 197 from the finance sector across 18 countries, highlights the pressing need for cyber resilience. The report is designed to foster thoughtful discussions about vulnerabilities and improvement opportunities.

In the report, you’ll:

Discover why financial services leaders and tech teams must prioritize cyber resilience.
Learn about the critical barriers to achieving cyber resilience.
Uncover the importance of business context and operational issues in prioritizing resilience.

Recognizing the Imperative of Cyber Resilience

 Financial services leaders are called to chart a course toward greater security and preparedness. Reacting to cyber threats as they arise is no longer enough; organizations must proactively bolster their defenses and cultivate a culture of resilience from within.

Our research delves into the multifaceted challenges facing financial services institutions in their quest for cyber resilience. From limited visibility into IT estates to the complexity of integrating new technologies with legacy systems, financial institutions grapple with deep-seated barriers that hinder their ability to withstand cyber threats.

Download the report today

Read More

Ivanti CSA (Cloud Services Appliance) zero-day Attack

Read Time:1 Minute, 46 Second

What is the Attack?Attackers are actively exploiting multiple zero-day vulnerabilities affecting Ivanti CSA (Cloud Services Appliance) that could lead an attacker to gain admin access, bypass security measures, run arbitrary SQL commands, and execute code remotely.The FortiGuard Incident Response (IR) team has been engaged in one of the compromised CSA (Cloud Services Appliance). As the investigation is still ongoing, more details about the campaign will be provided once available. CVE-2024-9379: SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.CVE-2024-9380: An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.CVE-2024-9381: Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.CVE-2024-8963: Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.What is the recommended Mitigation?Ivanti has released updates for Ivanti CSA (Cloud Services Appliance) which addresses these vulnerabilities. Security Advisory Ivanti CSA (Cloud Services Appliance)In the advisory, Ivanti has mentioned that they have observed limited exploitation of CSA 4.6 when CVE-2024-9379 or CVE-2024-9380 are chained with CVE-2024-8963.What FortiGuard Coverage is available?FortiGuard recommends users apply the vendor’s fixes as mentioned in the advisory. FortiGuard Web Filtering service has blocked all the known Indicators of Compromise (IoCs) captured during the IR engagement.FortiGuard Antivirus service has blocked all the known malware used by the threat actor in the related campaign.FortiGuard IPS protection is available for CVE-2024-8963 “Ivanti.Cloud.Service.Appliance.datetime.Command.Injection” to defend against the attack targeting the vulnerable Ivanti CSA systems.FortiGuard IPS protection is currently being investigated for CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

Read More