Cyble Research and Intelligence Labs (CRIL) has identified an increase in the exploitation of the Microsoft SmartScreen vulnerability (CVE-2024-21412) through an active campaign targeting regions like Spain, the US, and Australia.

Critical infrastructure providers are urging federal officials for more flexibility in reporting cyber incidents within the first 72 hours under the Cyber Incident Reporting for Critical Infrastructure Act.

Attackers can leverage the Jenkins Script Console to execute malicious Groovy scripts, leading to cybercriminal activities such as the deployment of cryptocurrency miners.

Security teams require efficient, cost-effective solutions to mitigate the risk of a successful cyber attack

The shift away from public disclosure on Twitter is part of an evolution in how the CNMF communicates cyber threat information. The command now focuses on working closely with industry partners to share information effectively and efficiently.

The flaw allows an attacker to execute arbitrary commands as root on the affected device’s operating system. Only attackers with administrator credentials can successfully exploit this vulnerability.