Adrian Johnson
TLDR:
- Ivanti fixes critical RCE vulnerability reported by NATO researchers
- Nissan breach affects 100,000 individuals
An overview of last week’s key news includes the following highlights:
In an interview with Pedro Cameirão from Nokia, emerging cybersecurity trends for 2024 are discussed along with strategies for enterprises to enhance resilience against cybercriminal innovation.
A selection of cybersecurity jobs available right now is highlighted, showcasing various roles across different skill levels within the industry.
Several important tools and resources for cybersecurity professionals are introduced, including a fast QUIC protocol scanner, an open-source security auditing tool, an automation tool for subdomain enumeration and bug detection, and information on prevalent malware behaviors and techniques.
The struggles of NIST’s National Vulnerability Database (NVD) are explored, impacting vulnerability management efforts.
Additionally, information on recent data breaches at France Travail, Nissan Oceania, and Fujitsu Limited is provided, along with fixes for critical vulnerabilities in Ivanti Standalone Sentry and Fortra FileCatalyst MFT.
Attacks leveraging JetBrains TeamCity flaw, SmokeLoader malware, and efforts to recruit RaaS affiliates are also covered in the article.
Furthermore, global concerns over critical infrastructure resilience to cyber attacks, the rise of shadow AI as a cybersecurity threat, and the importance of privacy-enhancing technologies in AI adoption are discussed.
Additional topics include certificate automation, fake data breaches, security best practices for GRC teams, and the protection of critical secrets from leaks.
Overall, the article provides a comprehensive overview of key cybersecurity developments from the past week.
