### Impact
Incorrect Access Control, anyone using the post or verifyRequestSignature methods to handle messages is impacted.

### Patches
Patched in version 4.0.3.

### Workarounds
It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the signature is valid.

```ts
function doPost(payload, header_signature) {
    if (whatsapp.verifyRequestSignature(payload.toString(), header_signature) {
        throw 403;
    }
    
    // Now the payload is correctly verified
    whatsapp.post(payload);
}
```

### References
https://github.com/Secreto31126/whatsapp-api-js/pull/371



Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.

Attack complexity: More severe for the least complex attacks.

Privileges required: More severe if no privileges are required.

User interaction: More severe when no user interaction is required.

Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.

Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.

Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.

Availability: More severe when the loss of impacted component availability is highest.

GHSA-mwhf-vhr5-7j23: whatsapp-api-js fails to validate message's signature

We dug into PartnerLeak, the site behind the "your partner is cheating on you" emails, including how and where the scammers get their information.

Earlier this week, we reported on a new type of scam that tells you your partner is cheating on you. However, we hit a dead end because we were unable to get hold of an original copy of the email.

That was until the scammers were “kind enough” to send one to one of our co-workers.

your partner is cheating on you and we have proof

> “Hi (target’s name\],
> 
> \[Partner’s name\] is cheating on you. Here is proof.
> 
> As a company engaged in cyber security we’ve found information related to \[partner’s name\] that might interest you.
> 
> We made a full backup of \[his/her\] disk. (We have all \[his/her\] address book, social media, history of viewing sites, dating apps, all files, phone numbers, and addresses of all \[his/her\] contacts) and are willing to give you a full access to this data. For more details visit our website.”

With this, we were able to investigate the scammers’ intentions.

All three of the links in the email (Here, website, and Check now) point to the same website. Through a landing page located at click\[.\]cardfoolops\[.\]com visitors are redirected to partnerleak\[.\]com.

The partnerleak\[.\]com domain was registered on August 1, 2024, with NameCheap anonymously. Anonymous registration doesn’t automatically mean the person registering is up to no good, but it did block us from researching this avenue any further.

The registration date, however, matches with the first complaints we started seeing about these emails.

Malwarebytes blocks partnerleak\[.\]com

During the redirection process, your email address is passed on, which means when you register at the site your email address is already filled out.

Email address is transmitted and pre-filled

The PartnerLeak site itself says it offers anonymity, as well as “crucial insights” into the behaviour of the one you love.

> “completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior.”

> “**Are You Concerned About Your Partner’s Honesty?**
> 
> If you’ve decided to take a leap into a relationship but find yourself questioning your partner’s honesty, or if you’ve been together for a while and something feels off, we have a solution for you.
> 
> **Our Service**
> 
> Our completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior. Here’s how it works:
> 
> Data Backup Access: You can download a backup from iCloud or Google, which includes:
> 
> *   Device location tracking
> *   Movement history with timestamps
> *   Correspondence from popular messaging apps like Telegram, WhatsApp, and iMessage
> *   Photo and video materials stored on the smartphone
> 
> Social Media Analysis: Utilizing AI and extensive data, our service can:
> 
> *   Check user registration and analyze behavior on platforms like Facebook and Twitter
> *   Investigate activity on popular dating apps such as Tinder, AdultFriendFinder, Hinge, and OkCupid
> 
> This comprehensive analysis helps you verify the reliability of your potential partner based on criteria that matter most to you.
> 
> **Commitment to Anonymity and Privacy**
> 
> *   Anonymous Transactions: We prioritize your anonymity by processing payments through cryptocurrencies, ensuring that your partner will remain unaware of your inquiries.
> *   Data Privacy: Your privacy is of utmost importance. We offer the option to permanently delete any data related to you from our system.
> 
> Take control of your relationship concerns today with our discreet and effective service!”

Nowhere on the site does it specify how much such an investigation would cost, but after registration you can start a search at which point it will tell you to top up your balance.

You don’t have free search. Please top up balance or try use different email.

To top up your balance there are three payment options:

*   Credit card
*   Bitcoin
*   Ethereum

We checked the balances on the cryptocurrency accounts they provided and we are happy to report that those are both dead in the water. We can only hope that the PartnerLeak revenue from credit cards looks the same, although that is probably wishful thinking on our part.

An empty and inactive Bitcoin wallet

An equally empty Ethereum account

Our investigation into where the scammers were getting the necessary information always pointed in the same direction: The Knot, a wedding services company.

However, we couldn’t find any breaches of its site or any tangible evidence that it was anything more than just a source of information. Like many other similar sites, it is easy to find a partner name on the site if you already have the name and email of the other partner.

But since many victims, including our co-worker, used The Knot’s services, we contacted them and received this statement from a spokesperson:

> “We were notified of user concerns, and after investigation by our cybersecurity team, determined there is no evidence of unauthorized access to our systems.”

Regardless of where the scammers are getting their data, let’s keep their balance at zero and spread the word.

**How to react to your partner “is cheating on you” emails**

First and foremost, never reply to emails of this kind. That tells the sender that someone is reading the emails sent to that address, and will lead to them trying other ways to defraud you.

*   If the email includes a password, make sure you are not using it any more _on any account_. If you are, change it as soon as possible.
*   If you are having trouble remembering all your passwords, have a look at a password manager.
*   Don’t let yourself get rushed into doing something. Scammers rely on time pressure that leads to people making quick decisions.
*   Do not open unsolicited attachments. Especially when the sender address is suspicious, or even appears to be your own.

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

**We don’t just report on threats – we help safeguard your entire digital identit**y

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 PartnerLeak scam site promises victims full access to &#8220;cheating&#8221; partner&#8217;s stolen data 

Red Hat Security Advisory 2024-6612-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6612.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: fence-agents security updateAdvisory ID:        RHSA-2024:6612-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6612Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-6345====================================================================Summary: An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es):* pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6345References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2297771

Red Hat Security Advisory 2024-6612-03

Red Hat Security Advisory 2024-6610-03 - An update for git is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6610.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: git security updateAdvisory ID:        RHSA-2024:6610-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6610Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-32002====================================================================Summary: An update for git is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.Security Fix(es):* git: Recursive clones RCE (CVE-2024-32002)* git: RCE while cloning local repos (CVE-2024-32004)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-32002References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2280421https://bugzilla.redhat.com/show_bug.cgi?id=2280428

Red Hat Security Advisory 2024-6610-03

Silver Spring, United States, 12th September 2024, CyberNewsWire

**Silver Spring, United States, September 12th, 2024, CyberNewsWire**

The investment will drive the company’s advancement of scalable workload access management for enterprises

Aembit, the leading non-human identity and access management (IAM) company, has secured $25 million in Series A funding, bringing its total capital raised to nearly $45 million. Acrew Capital led the round, with participation from existing investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures, and CrowdStrike Falcon Fund.

Aembit’s funding comes in the wake of continued high-profile non-human identity attacks on organizations such as Cloudflare, The New York Times, and Microsoft. Non-human identity (NHI) refers to the applications, scripts, and bots that businesses use to automate their operations, as well as the credentials used by NHIs to communicate to sensitive databases, applications, and infrastructure. 

These incidents exposed secrets such as API keys, access tokens, and other non-human access credentials, which were used to penetrate enterprise environments. In a newly published survey of security professionals, Aembit found that most organizations still struggle with managing NHI credentials securely: Over 30% still storing credentials in code, and 23% using email and chat to share credentials. Over 60% of respondents are looking for a comprehensive solution across their entire organization.

Security professionals are recognizing the need for an access-focused approach that automates identity-driven, secretless, centrally enforced, and auditable access between distributed applications and SaaS services to sensitive resources in the cloud and on-premises. 

Aembit has led the market in solving this emerging challenge by pioneering non-human IAM. It enables policy-based access management between workloads and the sensitive resources they access, moving beyond reactive visibility and governance to proactively shrink the attack surface of rapidly growing and highly distributed non-human identities. Aembit was recently lauded as a Top 2 finalist in the prestigious 2024 RSA Innovation Sandbox competition and is a finalist for Best Identity Management Solution at the 2024 SC Awards. Aembit continues to advance access management with capabilities such as MFA-strength conditional access, policy automation via infrastructure-as-code, and robust auditing for NHI access. 

> “Aembit is tackling one of the most pressing challenges in modern enterprise security,” said Mark Kraynak, founding partner at Acrew Capital. “The shift to cloud and SaaS, and AI has driven an order-of-magnitude expansion in non-human identities. With the proliferation of microservices and APIs across diverse environments, IAM has become the critical first line of defense for protecting sensitive data. Legacy access management approaches weren’t designed with this level of scale and automation in mind. We are thrilled to be partnering with Aembit to bring a new approach to the market.”

Co-Founders David Goldschlag and Kevin Sapp have spent their careers innovating across the identity landscape, most recently creating New Edge Labs (acquired by Netskope), one of the first user zero trust products on the market.

> “Kevin and I founded Aembit with a vision to help enterprises secure access between non-human workloads, applications, and software resources with the same principles used today to secure human access,” said David Goldschlag, co-founder and CEO of Aembit. “Talking to hundreds of enterprises, and working closely with design partners, our approach centers on proactively securing access between non-human identities, while eliminating friction for developers and security teams.”

> “By solving non-human IAM, Aembit is tackling an essential security challenge,” said Brad Jones, CISO at Snowflake and an Aembit customer. “Not only is their approach to non-human access innovative, but Aembit is a provider we can rely on.”

The Aembit Workload IAM Platform enforces secure access between non-human workloads and the services that authorize access to sensitive data and infrastructure. Aembit’s policy engine grants secretless access, just-in-time, based on the workload’s identity and posture. 

Leveraging native identities and sophisticated automation, organizations use Aembit to eliminate storage of sensitive secrets within applications or vaults by moving to short-lived access tokens with a no-code auth approach. With Aembit, businesses proactively secure non-human access while eliminating the manual and fragmented work required today by security, engineering, and DevSecOps teams.

**About Aembit**

Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities. For more information, users can visit https://aembit.io/ and follow us on LinkedIn.

**Contact**

**CMO**  
**Apurva Davé**  
**Aembit**  
**\[email protected\]**

Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management

Cybercriminals are increasingly targeting retail affiliate programs with sophisticated cryptocurrency scams. Retailers and customers must stay alert against…

Cybercriminals are increasingly targeting retail affiliate programs with sophisticated cryptocurrency scams. Retailers and customers must stay alert against domain fraud, brand impersonation, and online Ponzi schemes to prevent losses.

Cybercriminals and nation-state hackers are increasingly targeting retail affiliate programs to conduct cryptocurrency scams, according to the latest research by cybersecurity firm DomainTools.

With its vast economic footprint and consumer brand loyalty, the retail sector has become a prime target for these malicious actors, exploiting online platforms and brand reputations to deceive consumers and reap financial rewards.

**Leveraging Brand Loyalty for Fraud**

The global retail industry—valued at over $30 trillion annually and with the top 50 retailers contributing more than $1.13 trillion in revenue in 2023—has always been a lucrative target for scammers and fraudsters. However, the transition toward e-commerce has opened up new opportunities for cybercriminals to exploit.

The DomainTools detailed technical report, shared with Hackread.com ahead of publishing, dives deep into how threat actors use domain fraud, brand impersonation, and multi-level Ponzi schemes to deceive consumers and steal cryptocurrency.

Cybercriminals are not just after financial gains; they are also damaging brand reputations. By closely imitating well-known consumer brands, these actors aim to exploit the trust and loyalty consumers have for these companies. This multi-layered fraud not only affects individual consumers but also threatens the credibility of the brands themselves.

**Online Storefronts: A Hotspot for Fraud**

One noteworthy trend underlined in the report is the rise of **e-commerce domain fraud**. As physical stores closed during the global pandemic, the retail sector’s move to online platforms created another ground for cybercriminals.

One group of threat actors, for instance, set up hundreds of fraudulent websites to impersonate well-known global retailers. These sites often promised huge discounts through fake “store closing” sales, luring unsuspecting consumers into the trap.

DomainTools traced thousands of such fraudulent domains, some of which impersonated luxury brands like Rolex and Cartier. The scammers created these fake websites using templates, automated processes, and even legitimate e-commerce platforms to generate convincing landing pages. The scale of the operation is staggering, with over 2,300 fraudulent domains tied to just one SSL certificate alone.

**Ponzi Schemes Disguised as Affiliate Programs**

The report also uncovers a disturbing trend: the use of brand impersonation to conduct financial fraud. Cybercriminals are preying on individuals looking for side-income opportunities by promising commissions for completing simple tasks, such as boosting online sales for well-known brands like Amazon and Target. Victims are led to believe they are joining legitimate affiliate programs when, in reality, they are being lured into Ponzi schemes.

These scams often require victims to invest in cryptocurrency, such as USDT (Tether), with the promise of high returns. The fraudsters then push victims to recruit others, creating a multi-level marketing front.

In one case, a fraudulent website using the domain “amazon-9000com” mimicked Amazon’s platform to convince users to invest in these fake opportunities. This particular scheme was linked to over 200 other fraudulent domains impersonating major brands, including Lazada, Walmart, and TikTok.

Example of malicious domains impersonating top brands (Screenshot: DomainTools)

**Copycat Scams Spread Quickly**

The third major finding in the report is the proliferation of **copycat schemes**. Once a scam proves successful, it is quickly replicated by other cyber criminals. For example, a domain called “targetpk8top” appeared in late 2023, impersonating Target in much the same way as earlier scams targeted Amazon. The same templates, naming conventions, and SSL certificates were used, showing how quickly these tactics spread across the cybercriminal ecosystem.

These copycat scams often follow a familiar playbook: they use fake investment schemes, promise high cryptocurrency returns, and rely on social media platforms to find new victims. By the time consumers realize they’ve been duped, the scammers have often disappeared, leaving little chance of recovering lost funds.

**What’s Next for Retailers?**

The report urges the retail sector to remain vigilant. These scams have been ongoing since at least 2020, and the perpetrators show no signs of slowing down. Retailers must monitor their online presence closely, especially regarding domain registrations and brand impersonations.

Additionally, collaboration is key. Organizations like the **Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC)** and the **National Cyber-Forensics and Training Alliance (NCFTA)** are instrumental in sharing threat intelligence across the industry, helping retailers stay one step ahead of evolving cyber threats.

Although such scams are not new, their increased sophistication is only making it worse for unsuspecting customers and retailers. Therefore, both parties should recognize the threat posed by domain fraud and brand impersonation. Businesses should train their employees, and customers should learn how to identify scams or malicious websites.

1.  How to Increase Your Business’s Online Brand Awareness
2.  Memcyco Introduces Real-Time Solution to Combat Brandjacking
3.  Check Point Research: Microsoft the Most Phished Brand in Q2 2023
4.  Domain Squatting, rand Hijacking: A Silent Threat to Digital Enterprises
5.  42,000 phishing domains discovered masquerading as popular brands

From Amazon to Target: Hackers Mimic Top Brands in Global Crypto Scam

PRESS RELEASE

SAN FRANCISCO, Sept. 10, 2024 /PRNewswire/ -- appCD, the generative infrastructure from code company, today announced the close of its $12.3M seed round, its new identity as StackGen, and the appointment of Arshad Sayyad as Chief Business Officer. The round was led by Thomvest Ventures, with existing investors, FireBolt Ventures, WestWave Capital, and Secure Octane participating. StackGen will utilize the funding to accelerate product development, enhance its go-to-market strategy, and fuel company growth.

"StackGen represents the next evolution of our commitment to revolutionizing infrastructure from code," said Sachin Aggarwal, Co-founder and CEO of StackGen. "The funding will enable us to meet the growing demand from enterprise customers as we continue to deliver on our vision for the future of infrastructure from code. Our new name encapsulates this vision and mission to provide seamless, full-stack infrastructure solutions that enhance the developer experience and enforce industry standards, while embracing generative AI."

As stated in the Gartner® Hype Cycle™ for Platform Engineering, 2024, "The plethora of cloud infrastructure services across multiple cloud providers makes it difficult for platform engineers and developers to manage infrastructure change at the same pace as application code. Therefore, much like software engineers are productive working with higher-level abstractions using object-oriented programming languages with reusable modules, platform engineers seek similar benefits for improving their productivity and simplifying infrastructure delivery. IfC merges infrastructure and application code into a common programming model and a common programming language. IfC improves development and infrastructure agility by enabling infrastructure to change at the same pace as applications — developers focus on business logic and application architecture while infrastructure code is auto-generated based on organizational standards."

"Ensuring governance and consistency in deployments is crucial. StackGen provides default standardization, embedding consistency, security, and policy guardrails seamlessly into cloud deployments for enhanced application reliability," said Arvind Gidwani, CTO, SAP NS2. "StackGen is providing the necessary compliance and cloud automation at scale to help drive digital transformation."

"I am thrilled to be an investor and board member at StackGen, partnering with repeat founder and CEO Sachin Agarwal and his cofounders, Asif Awan and Arshad Sayyad," said Umesh Padval, Managing Director, Thomvest Ventures. "StackGen is revolutionizing the DevOps market with its Infrastructure from Code platform driving 10x productivity gains for DevOps and SecOps. The strong team, massive market opportunity along with differentiated and easy to use technology met the criterion of our thesis driven investments."

The rebranding to StackGen reflects the company's commitment to providing comprehensive infrastructure solutions that span the entire technology stack.

StackGen has expanded its leadership and go-to-market team with the appointment of Arshad Sayyad, former President of Fidelity Investments India and Managing Director at Accenture, Danielle Cook, CNCF Ambassador and ex-Fairwinds and Ondata, and Lauren Rother, ex-HashiCorp. 

StackGen launched its Dev Edition in March, and has already seen significant interest, with developers rapidly signing up to utilize its cutting-edge solutions. This early success underscores the growing demand for innovative infrastructure from code technologies and sets the stage for continued growth and market penetration.

Gartner, Hype Cycle for Platform Engineering, 2024, Manjunath Bhat, Bill Blosen, 19 June 2024

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, HYPE CYCLE are a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About StackGen  
Founded in 2023 by serial entrepreneurs Sachin Aggarwal and Asif Awan, StackGen (formerly appCD) automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied. Unlike manual Infrastructure as Code (IaC) creation or "golden templates" that quickly become outdated, StackGen generates IaC automatically from the application code, without requiring any code changes, and applies preset standards. StackGen provides seamless, full-stack infrastructure solutions that enhance the developer experience and enforce industry standards. Built for platform engineers and DevOps teams tasked with improving the developer experience and enforcing standards, StackGen reduces software development lifecycle (SDLC) bottlenecks, minimizes liabilities, and eliminates cognitive overload. StackGen is backed by notable venture capital firms Thomvest Ventures, WestWave Capital, FireBolt, and Secure Octane. For further information, please visit www.stackgen.com.

About appCD  
Founded in 2023 by serial entrepreneurs Sachin Aggarwal and Asif Awan, appCD automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied. Unlike manual Infrastructure as Code (IaC) creation or "golden templates" that quickly become outdated, appCD generates IaC automatically from the application code, without requiring any code changes, and applies preset standards. Built for platform engineers and DevOps teams tasked with improving the developer experience and enforcing standards, appCD reduces software development lifecycle (SDLC) bottlenecks, minimizes liabilities, and eliminates cognitive overload. appCD is backed by notable venture capital firms Thomvest Ventures, WestWave Capital, FireBolt, and Secure Octane. For further information, please visit www.appCD.com.

AppCD Closes $12.3M Seed Round and Rebrands to StackGen

PRESS RELEASE

Darktrace plc (DARK.L), a global leader in cybersecurity AI, announces Poppy Gustafsson will step down as Chief Executive Officer (CEO) with effect from today and Jill Popelka, Darktrace's current Chief Operating Officer (COO), has been appointed as her successor. Jill will assume the role of CEO and will also be appointed to the Darktrace Board of Directors with effect from today.

Jill has more than two decades of experience of driving operational best practices and maturing teams, systems and processes for fast-growing businesses. She previously held senior leadership roles at leading global technology businesses, including Accenture, Snap Inc and SAP SuccessFactors, one of the largest enterprise cloud businesses in the world, which she led as President. Jill joined Darktrace in January 2024 as a Non-Executive Director, before assuming her current role of COO at Darktrace on 1 June 2024.

Poppy Gustafsson, outgoing CEO of Darktrace, said: "Darktrace has been a huge part of my life and my identity for over a decade and I am immensely proud of everything we have achieved in that time. Together we have revolutionised the marketplace for cyber security and brought our AI-powered technology to almost 10,000 customers around the world, keeping them safe from cyber disruption.

This challenge has required tremendous personal and professional commitment from me. With the acquisition of Darktrace by Thoma Bravo nearing its completion and with us having identified an excellent successor in Jill, now is the right time to hand over the reins so Jill can lead Darktrace through its transition into private ownership and beyond. I am profoundly grateful to have had the privilege of leading such an exceptional team and I look forward to remaining engaged in this exciting next chapter of the business as a non-executive director after the transaction completes. I remain Darktrace's number one fan."

Gordon Hurst, Chairman of Darktrace, said: "Poppy is a remarkable leader who has grown and nurtured one of the UK's proudest technology success stories. Under Poppy's stewardship, the business has transformed from a promising collaboration of AI and intelligence experts to a high-growth global leader in cyber security. This has been reflected in the significant value Darktrace has created for its shareholders under Poppy's leadership since its IPO in 2021 and through the acquisition by Thoma Bravo, one of the world's leading investors in software businesses.

"Jill is a proven and highly regarded leader in global technology businesses who has contributed immensely to the Board and more recently in her role as COO. With Poppy stepping down, the Board has implemented its CEO succession plan and is delighted that Jill has accepted the role of CEO. She has the deep sector experience, people leadership skills and energy and passion to lead Darktrace into the next stage of its journey."

Jill Popelka, incoming CEO of Darktrace, said: "Poppy and the team have built something very special. The potential of Darktrace is enormous - our technology has never been more critical to organisations around the world and our AI-native capabilities position us at the forefront of the ever-changing cyber security market. We have an outstanding platform offering, a broad base of customers across the globe, and some of the most talented people working in technology, not least our remarkable R&D teams based in Cambridge and The Hague.  I am excited to partner with the whole Darktrace team to take advantage of the many opportunities we have ahead of us as we embark on this next phase of our journey." 

Andrew Almeida, Partner at Thoma Bravo, said: "We are fully supportive of Poppy and the Board's succession plan. Jill is the perfect leader to build on Poppy's tremendous legacy at Darktrace as it embarks on this next phase of its life given her immense experience of scaling and maturing fast-growing businesses. She cares deeply about people, about serving customers and about creating a company with a sense of mission and purpose at its core. We look forward to working with Jill and the wider team to help elevate Darktrace's place as the essential cybersecurity platform for the changing threat landscape."

The acquisition of Darktrace by Thoma Bravo continues to progress as anticipated. All antitrust and regulatory approvals have now been received, with the exception of one foreign regulatory approval, which is currently anticipated by 28 September 2024. Per the transaction timetable, Darktrace will seek the UKcourt's sanction of the transaction as soon as this final regulatory approval has been received, with the closing of the transaction expected shortly afterwards.  

This announcement is made in accordance with the notification requirement in UKLR 6.4.6R and there are no other disclosures that need to be made under UKLR 6.4.8R relating to the appointment of Jill Popelka.

Poppy Gustafsson to Step Down As CEO of Darktrace; Jill Popelka Appointed Successor

Red Hat Security Advisory 2024-6559-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6559.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:12 security updateAdvisory ID:        RHSA-2024:6559-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6559Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-7348====================================================================Summary: An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7348References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-6559-03

Red Hat Security Advisory 2024-6558-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6558.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: postgresql:13 security updateAdvisory ID:        RHSA-2024:6558-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6558Issue date:         2024-09-10Revision:           03CVE Names:          CVE-2024-7348====================================================================Summary: An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:PostgreSQL is an advanced object-relational database management system (DBMS).Security Fix(es):* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-7348References:https://access.redhat.com/security/updates/classification/#important

Tag

#sap