Paul van Brouwershaven

TrueNAS CORE Vulnerability Let Attackers Execute Remote Code: Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE, a widely-used open-source storage operating system developed by iXsystems. The vulnerability, CVE-2024-11944, allows network-adjacent attackers to execute arbitrary code on affected installations without requiring authentication. This discovery was presented during the renowned cybersecurity competition Pwn2Own. 2024 […] The post TrueNAS CORE Vulnerability Let Attackers Execute Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

1

Join us at the OWASP BeNeLux Days Conference 2024 happening on November 28-29 in Utrecht, the Netherlands for the most up-to-date insights on application security and network with fellow professionals. Learn more about the event here: https://ow.ly/obm950U3t7J #OWASP #Cybersecurity #SecureCodeWarrior

12

[CVE-2024-12322: HIGH] WordPress plugin ThePerfectWedding.nl Widget has a serious security vulnerability to Cross-Site Request Forgery in versions up to 2.8. Attackers can manipulate 'tpwKey' option via cross-site scripting. Be cautious of clicking unknown links to prevent unauthorized access. https://lnkd.in/e7VQx5W8

2

ON2IT, a global pure-play cybersecurity service provider in the Netherlands, developed a solution to measure and improve their cybersecurity posture while strengthening compliance with several local and European regulations. Read the story: https://bit.ly/49Her4p

4

1 Comment

Volt Typhoon, a cyber espionage group, is exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. ​ ​This specific zero-day allows attackers to upload a file to vulnerable systems and infiltrate networks, having the potential to wreak havoc on the software supply chain. ​ ​ProcessUnity's Threat & Vulnerability Response enables TPRM teams to assess potential exposure to emerging threats, such as the Versa Director zero-day, in hours or days. ​ ​Check out more on Threat & Vulnerability Response: https://ow.ly/AZJv50Tezco ​ Read more on the attack, how hackers can control network infrastructure and affect supply chains: https://ow.ly/RpjU50Tezcp ​ #CyberSecurity #ITSecurity #SupplyChain

20

3 Comments

#CyCatz #cybersecurity How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution   More... https://shorturl.at/se04C   #cyberawareness #cyberattack #breaches #databreaches #cybercrime #darkwebmonitoring #SurfaceWebMonitoring #mobilesecurity #emailsecurity #vendorriskmanagement #BrandMonitoring #security #information #bugbounty #rce

10

Register for our upcoming co-hosted webinar with SITS Group Brian de Vries & CyberArk Marcel Bosgra to learn how to secure your privileged accounts without the complexity of managing PAM yourself. http://spr.ly/6045sC6dD #IdentitySecurity #PAM #cybersecurity

79

3 Comments

Episode 21 - Graph DB: A must have for intelligent IAM systems 🚀"The Identity Navigator" Podcast - New Episode Alert🚀   In this episode, we take a deep dive into the role of graph databases in Identity and Access Management (IAM) and explore why they are becoming indispensable in modern IAM systems.    For over 25 years, LDAP and relational databases have been the backbone of IAM. However, as the demands of IAM systems evolve, particularly in cloud-native and enterprise environments, it's clear that traditional databases are struggling to keep pace. It's time to introduce graph databases, a technology inherently suited for many IAM use cases.   While relational databases offer consistency and robust transactional support, they falter in handling the growing complexity of dynamic access control and scalable architectures. Graph databases, on the other hand, excel at managing complex relationships and connections—key elements in modern IAM systems.    In this episode, we discuss the limitations of RDBMS systems and explore how graph databases can transform IAM by offering smarter, more adaptable solutions for today's identity challenges.   https://lnkd.in/eV8QZDxt   #TheIdentityNavigator #IAM #Podcast #TechTalk   #IdentityAndAccessManagement

36

6 Comments

On September 17, we will host another brownbag session. This session will be given by Gijs Van Laer of XFA. During this edition he will talk about modern cybersecurity strategies, focusing specifically on an essential component known as Zero Trust Application Access (ZTAA). Registrations here ➡️ https://lnkd.in/eeyQS75X #Webinar #DeviceSecurity #ZTAA #CyberSecurity #XFA

10

We’re proud to share that Own's CISO, Pieter VanIperen, recently contributed his expert insights on endpoint protection in an article published by News in the Channel. In this feature, Pieter highlights why robust endpoint security is critical for SMBs, emphasizing that as threats continue to evolve, so must our defenses. His commentary reflects Own Company's ongoing commitment to protect organizations from the ever-growing cyber risks. Read the full article here: https://lnkd.in/gY_8V-by #Own #OwnData #OwnCompany #Cybersecurity #CISOInsights

31

Make the most of your CyberArk solutions! Get an overview of the Authentication Orchestration feature in CyberArk Identity in this less-than-2-minute video. http://spr.ly/6047ekNeN #IdentitySecurity #cybersecurity

103

🔒 Ransomware attacks in the Netherlands are rising fast 🔒 New findings reveal 178 ransomware incidents, far surpassing earlier reports due to underreporting. Many companies don’t even register attacks, meaning the true scale is much larger. With 66% of businesses lacking basic security—poor password management, outdated software, and no two-factor authentication—cybercriminals are exploiting vulnerabilities. Q-Feeds can help you stay ahead of these threats with real-time, actionable intelligence from 2,500+ sources, helping partners better protect their clients. Don't wait—secure your network now! #CyberSecurity #QFeeds #ThreatIntelligence #Ransomware

3

Are you keeping up with the latest in Microsoft 365 security? 💻 Check out our recent webcast with Korstiaan S. to explore the updates in logging and auditing that are changing the game in cloud forensics and incident response. Available to watch now: https://buff.ly/3K65bL6 #Microsoft #IncidentResponse #AuditLogs

18

🚫 Dutch cybersecurity companies have issued warnings to thousands of companies about a global ransomware attack. The attackers, known as the Cactus Gang, are from Eastern Europe and have been active since the end of last year. Contact us to get help for your digital security! #SimpleCyber #CyberNews #cybersecurity

1

If you missed yesterday's ELTA | Live webinar on cybersecurity for web apps with Aidas Kavalis of Amberlo, Wouter Van Respaille of Henchman and Roeland Delrue of Aikido Security, moderated by Michiel Denis of Henchman, the recording is up on ELTA's Youtube channel. Watch and learn. #legaltech #cybersecurity

16

⏰ 𝐓𝐡𝐞 𝐍𝐈𝐒𝐓 𝐒𝐏 800-204𝐃 𝐃𝐞𝐚𝐝𝐥𝐢𝐧𝐞 𝐈𝐬 𝐀𝐥𝐦𝐨𝐬𝐭 𝐇𝐞𝐫𝐞! With the October deadline around the corner, it’s crucial to ensure your software supply chain is secure and compliant. Don’t wait—contact us today to get your organization ready for NIST SP 800-204D. Meanwhile, read our whitepaper for essential insights and strategies to strengthen your security posture. 🔗 Download the whitepaper here https://lnkd.in/dPVPeAjt #CyberSecurity #DevOps #InfoSec #OSS #Hacking #CyberThreats #Malware #AppSec #DevSecOps #ThreatDetection #DataSecurity #CyberProtection #MalwareProtection #ASPM #SSCS

8

1 Comment

Yesterday’s Cloudflare PeerPoint event in Brussels was all about the future of cybersecurity and the new NIS2 regulations. Our colleague Joris joined industry experts to discuss these crucial topics and network with peers. Check out our latest blog (link in comments) to learn how nFuse’s proactive and transparent approach aligns with Cloudflare’s mission to protect businesses from digital threats. Cloudflare Joris Moermans #peerpoint #cybersecurity #NIS2

6

2 Comments