InfoSecBulletin Cybersecurity for mankind
The U.S. federal agency CISA has included CVE-2023-7028 in its Known Exploited Vulnerabilities Catalog. This means that the vulnerability is currently being targeted by attackers. CISA has instructed federal agencies to protect their systems by May 22, giving them a deadline of three weeks.
The U.S. cybersecurity agency hasn’t shared any information about ongoing attacks using the serious GitLab security bug. But they confirmed there is no evidence that it’s being used in ransomware attacks.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said today.
Private organizations using GitLab DevOps platform should also prioritize patching the vulnerability to prevent attacks.
GitLab has important data like code and API keys. If someone takes over an account, it can cause big problems. They could also insert harmful code in the CI/CD system to attack repositories.
