Security Bulletin: PowerSchool K-12 Data Breach

PowerSchool, a widely used cloud-based and on-premises platform, experienced a data breach reported on December 28, 2024. The platform helps K-12 schools manage student and teacher information, including Personally Identifiable Information (PII), attendance records, grades, medical information, and Social Security numbers. The breach affected both cloud and on-premises customers after a compromise of maintenance account […]

Security Bulletin: Critical Remote Code Execution Vulnerability in Apache Struts [CVE-2024-53677]

A newly discovered critical vulnerability, CVE-2024-53677, in Apache Struts enables remote code execution (RCE) and is actively exploited in the wild using a publicly available Proof-of-Concept (PoC). Apache Struts is an open-source framework for building Java-based web applications. It helps developers create scalable software solutions that power everything from e-commerce websites to financial systems and […]

Security Bulletin: PAN-OS Authentication Bypass and Privilege Escalation Vulnerabilities

On November 19, 2024, Palo Alto Networks disclosed two critical vulnerabilities in its PAN-OS software: CVE-2024-0012, an Authentication Bypass, and CVE-2024-9474, a Privilege Escalation. These vulnerabilities enable attackers to gain unauthorized administrative access and escalate privileges to root level. Exploitation of these vulnerabilities, observed in the wild, has been attributed to a targeted campaign dubbed […]

How to Combat Alert Fatigue to Retain and Empower Your Security Teams

In the high-stakes world of cybersecurity, organizations must ensure that their teams not only protect the organization but also stay motivated and productive. One of the most insidious threats to achieving this goal is alert fatigue. When analysts are bombarded with thousands of security alerts daily, they risk becoming overwhelmed and disillusioned in their roles. […]

The Hidden Costs of a SIEM: The Need for a New Approach

Maintaining robust cybersecurity defenses comes with significant costs, but one area that often exceeds is the ongoing administration of Security Information and Event Management (SIEM) systems. The expenses associated with logging, storing, and managing SIEM data can escalate rapidly, especially when compounded by compliance and regulatory requirements. What are these hidden costs and how can […]

Centripetal Expands UK Partner Programme

Provides Fully Managed Cybersecurity Service by operationalising the world’s cyber threat intelligence. Manchester, UK (November 19, 2024) – Centripetal, the global leader in intelligence powered cybersecurity, has announced the launch of its UK Partner Programme, a strategic move designed to enable IT Service Providers to offer a fully managed cyber security solution to the UK […]

Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467)

On November 14, 2024, Palo Alto Networks disclosed five critical vulnerabilities in its Expedition configuration migration tool, a solution designed to simplify the migration of firewall configurations from third-party vendors to Palo Alto Networks’ PAN-OS infrastructure. These vulnerabilities—tracked as CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, and CVE-2024-9467—expose users to risks such as unauthorized access, data leakage, and […]

The Elements of Intelligence: Centripetal’s Journey in Ireland

A Letter From Dave Silke, MD, Centripetal Europe. Just over two years ago, Centripetal began its European journey in Galway, Ireland. What began in a small conference room has grown into a thriving office based at Platform 94’s innovation center in Mervue. Today, we are an ambitious and passionate team of network engineers, cyber analysts, R&D […]

Risks for Polyfill.io Users

Earlier this year, a Chinese company named Funnull acquired the polyfill[.]io domain. Subsequently, the polyfill CDN started delivering malicious JavaScript code which was automatically deployed on websites embedding scripts from cdn.polyfill[.]io. Due to this acquisition, this code was used to redirect mobile visitors to scam sites. Over 100,000 websites using the previously popular Polyfill JS […]

MOVEit Gateway and MOVEit Transfer Vulnerabilities

On June 25, 2024, Progress Software, the parent company of the MOVEit software suite, officially released details for two critical vulnerabilities identified in MOVEit Gateway and MOVEit Transfer, CVE-2024-5805 and CVE-2024-5806 respectively. MOVEit Transfer is a managed file transfer solution that supports the exchange of files and data between servers, systems and applications within and […]