Palo Alto Networks urged companies this week to patch against a newly discovered zero-day vulnerability in one of its widely used security products, after malicious hackers began exploiting the bug to break into corporate networks.
Because the vulnerability allows hackers to gain complete control of an affected firewall over the internet without authentication, Palo Alto gave the bug a maximum severity rating.
The ease with which hackers can remotely exploit the bug puts thousands of companies that rely on the firewalls at risk from intrusions.
Adding another complication, Palo Alto initially suggested disabling telemetry to mitigate the vulnerability, but said this week that disabling telemetry does not prevent exploitation.
Security firm Volexity, which first discovered and reported the vulnerability to Palo Alto, said it found evidence of malicious exploitation going back to March 26, some two weeks before Palo Alto released fixes.
Earlier today, Sentry announced its AI Autofix feature for debugging production code and now, a few hours later, GitHub is launching the first beta of its code scanning autofix feature for finding and fixing security vulnerabilities during the coding process.
This new feature combines the real-time capabilities of GitHub’s Copilot with CodeQL, the company’s semantic code analysis engine.
The company also promises that code scanning autofix will cover more than 90% of alert types in the languages it supports, which are currently JavaScript, TypeScript, Java, and Python.
“Just as GitHub Copilot relieves developers of tedious and repetitive tasks, code scanning autofix will help development teams reclaim time formerly spent on remediation,” GitHub writes in today’s announcement.
To generate the fixes and their explanations, GitHub uses OpenAI’s GPT-4 model.
Security researchers say a pair of easy-to-exploit flaws in a popular remote access tool used by more than a million companies around the world are now being mass-exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data.
ConnectWise first disclosed the flaws on February 19 and urged on-premises customers to install security patches immediately.
Finnish cybersecurity firm WithSecure said in a blog post Monday that its researchers have also observed “en-mass exploitation” of the ScreenConnect flaws from multiple threat actors.
It’s not yet known how many ConnectWise ScreenConnect customers or end users are affected by these vulnerabilities, and ConnectWise spokespeople did not respond to TechCrunch’s questions.
The company’s website claims that the organization provides its remote access technology to more than a million small to medium-sized businesses that manage over 13 million devices.
A spam attack that impacted the open source X rival Mastodon, Misskey, and other apps highlights how the decentralized social web, also known as the Fediverse, is open to abuse.
Over the past several days, attackers have targeted smaller Mastodon servers, taking advantage of open registrations to automate the creation of spam accounts.
While this is not the first spam attack that has impacted the Fediverse, Rochko notes that only larger servers like Mastodon.social had been targeted previously.
The spam attack highlighted one of the weaknesses that comes with how the Fediverse is structured.
“It makes me want to walk away and give up,” wrote one Mastodon server admin, sam@urbanists.social.
Silicon Valley venture capital (VC) juggernaut Sequoia is backing a fledgling Danish startup to build a next-gen software composition analysis (SCA) tool, one that promises to help companies filter through the noise and identify vulnerabilities that are a genuine threat.
For context, most software contains at least some open source components, many of which are out-of-date and irregularly — if at all — maintained.
In turn, this is leading to an array of fresh regulation, designed to strong-arm businesses into running a tighter software supply chain.
The problem is, with millions of components permeating the software supply chain, it’s not always easy to know whether a given application is using a particular component.
And this is where Danish cybersecurity startup Coana is setting out to make a difference, using “code aware” SCA to help its users separate out irrelevant alerts and focus only on those that matter.
U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of the month.
Ivanti said the two vulnerabilities — tracked as CVE-2023-46805 and CVE-2024-21887 — were found in its Ivanti Connect Secure software.
Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet.
When TechCrunch asked why patches weren’t being made available immediately, Ivanti declined to comment.
Ivanti is urging potentially impacted organizations to prioritize following its mitigation guidance, and U.S. cybersecurity agency CISA has also published an advisory urging Ivanti Connect Secure customers to mitigate the two vulnerabilities immediately.
Log4j, maybe more than any other security issue in recent years, thrust software supply chain security into the limelight, with even the White House weighing in.
Some of those vulnerabilities may be in libraries that aren’t even used when the container is in production, but they are vulnerabilities nevertheless.
According to Slim.ai’s latest Container Report, the average organization now deploys well over 50 containers from their vendors every month (and almost 10% deploy more than 250).
Yet only 12% of the security leaders who responded to Slim.ai’s survey said they were able to achieve their own vulnerability remediation goals.
Most companies see some disruptions multiple times a week because they detect a vulnerability in a production container, for example.
As GitLab plans to further integrate AI into its security features, this will help developers protect themselves from potential vulnerabilities in their code. By using a large language model, vulnerabilities…