
Time to bring order to Cyber Chaos

 

In today's digital era, businesses are embracing rapid changes to enhance efficiency, but with it comes a surge in cybersecurity challenges. Last year saw a staggering 29,000 new IT vulnerabilities reported globally, emphasising the need for a strategic approach. 
 
The Challenge: Businesses face overwhelming data and fragmentation issues, operating across intricate networks that make it challenging to identify vulnerabilities. With interconnected systems, a vulnerability in one device can lead to widespread disruption, creating a need for effective risk management. 
 
Information Overload: 
 
The National Vulnerability Database reported over 25,000 vulnerabilities in 2022 alone, causing information overload for organisations. It is unrealistic for firms to patch everything; they can only address 5-20% of identified vulnerabilities per month. Prioritisation becomes crucial, focusing on the most critical vulnerabilities in real time.
 
The Need for Change: 
 
Traditional risk prioritisation methods need to be revised in complex network ecosystems. Shadow IT, data obsolescence and outdated asset inventories worsen the confusion. A new approach is essential to adapt to the evolving cyber landscape. 
 
Solution: Risk-Based Vulnerability Management (RBVM) 
 
RBVM shifts from the traditional tick-box approach to a nuanced method. It evaluates vulnerabilities based on severity and the organisation's unique context, industry, and operations. RBVM provides a holistic network view, integrating with existing security tools and utilising threat intelligence for dynamic prioritisation. 
 
Effective RBVM is not just about tools; it relies on people managing vulnerabilities. Establishing responsibilities, fostering accountability, and ensuring coherent team efforts are vital. People, processes, and tools together transform vulnerability chaos into manageable order. 

Businesses must align vulnerability management with compliance and regulatory requirements. The Common Vulnerability Scoring System (CVSS) 4.0 emphasises a granular framework, but relying solely on CVSS scores may lead to misguided priorities. Smaller organisations balance reactive and preventive measures, while larger enterprises delve into asset management and threat intelligence. 
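The two paragraphs above describe RBVM as severity weighted by business context and threat intelligence, and warn that a CVSS score on its own can misdirect effort. The following is an added example, not code from the original post or from any RBVM vendor: it scores a handful of constructed findings both ways and picks the slice a team can actually remediate in a month (the 5-20% capacity mentioned earlier). The identifiers, the criticality scale and the multipliers are placeholders chosen for the illustration; a real programme would calibrate them to its own asset inventory and intelligence feeds.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Vuln:
    """One finding joined with asset context and threat intelligence (constructed sample)."""
    vuln_id: str
    cvss: float              # CVSS base score, 0.0 to 10.0
    asset_criticality: int   # 1 (lab box) to 5 (crown-jewel system), set by the business
    internet_facing: bool    # exposure, taken from the asset inventory
    exploited_in_wild: bool  # threat-intelligence flag


def risk_score(v: Vuln) -> float:
    """Severity scaled by business context, then boosted by exposure and threat activity.

    Weights are assumptions for this example, not a published standard.
    """
    score = v.cvss * (v.asset_criticality / 5.0)
    if v.internet_facing:
        score *= 1.5
    if v.exploited_in_wild:
        score *= 2.0
    return round(score, 2)


def cvss_only_order(vulns):
    """The tick-box ordering: highest CVSS first, context ignored."""
    return [v.vuln_id for v in sorted(vulns, key=lambda v: v.cvss, reverse=True)]


def rbvm_order(vulns):
    """Risk-based ordering: highest composite risk first."""
    return [v.vuln_id for v in sorted(vulns, key=risk_score, reverse=True)]


def plan_month(vulns, capacity_fraction):
    """Select the top slice the team can remediate this month (5-20% of findings is typical)."""
    n = math.ceil(len(vulns) * capacity_fraction)
    return rbvm_order(vulns)[:n]


# Constructed sample findings; the pattern to notice is that the highest CVSS
# score (V-A) sits on an isolated lab box and ends up last in the risk-based order.
SAMPLE_VULNS = [
    Vuln("V-A", 9.8, 1, False, False),  # critical CVSS, isolated lab system
    Vuln("V-B", 7.5, 5, True, True),    # high CVSS, internet-facing crown jewel, exploited
    Vuln("V-C", 8.1, 4, True, False),
    Vuln("V-D", 5.3, 5, False, True),   # medium CVSS, but actively exploited on a key system
    Vuln("V-E", 6.5, 2, False, False),
]

if __name__ == "__main__":
    print("CVSS-only order:", cvss_only_order(SAMPLE_VULNS))
    print("RBVM order:     ", rbvm_order(SAMPLE_VULNS))
    for vid in rbvm_order(SAMPLE_VULNS):
        v = next(x for x in SAMPLE_VULNS if x.vuln_id == vid)
        print(f"  {vid}: cvss={v.cvss} risk={risk_score(v)}")
    print("this month (20% capacity):", plan_month(SAMPLE_VULNS, 0.2))
```

The point of the contrast is the first entry of each list: the CVSS-only queue would spend the month's limited capacity on the lab box, while the contextual score moves the exploited, internet-facing system to the front.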
 
Successful RBVM adoption requires efforts across the business. Aligning C-level strategy, streamlining IT processes, and fostering a culture of knowledge sharing create resilience in the face of cyber threats. 
 
Navigating the complex cyber world therefore demands a simplified yet comprehensive approach. By embracing RBVM, businesses can effectively manage vulnerabilities, protect against cyber threats, and build a strong defence for the future.

Best Cybersecurity Practices to Instill in Your End-Users

A recent study of password reuse threats found that password reuse is a major security threat to companies worldwide, since 64% of people continue to use passwords that have been exposed in a breach.

As we spend a large amount of our time online, working from our own systems, we also end up sharing our personal data over the internet, since we rely on it more and more for our daily services.

It has become extremely important to protect our sensitive data from cybersecurity threats. Poor password hygiene by end-users can put your organization at great security risk, and also make your company’s sensitive data vulnerable to cyber-attack. 

To prevent cyber attacks, a company should build a defense that starts with educating employees. The security awareness program should cover phishing and social engineering, access, passwords, connections, device security, physical security, etc.

Cybersecurity awareness training will help employees become more aware of, and knowledgeable about, the latest cybersecurity threats targeting end-users.

There are various ways to protect your system but these 5 security practices are indispensable to prevent cybersecurity threats and to train your employees. 

1. Don’t leave information unprotected

The company should encourage employees to lock their systems when they are not around. Leaving your screen unlocked could increase the risk of someone viewing or accessing important data. 

2. Enforce password policy compliance 

Employees should be required to comply with the organization's password policy. The organization should enforce length and complexity rules and also check candidate passwords against a list of over 3 billion known breached passwords, blocking any that match.

3. Utilize MFA whenever possible 

Organizations should make multifactor authentication (MFA) mandatory for end-users logging into work apps, and should also have users change and reset their passwords from time to time.

4. Use a password manager 

A password manager is recommended not only for individual end-users; its shared vault features should also be used to prevent insecure password sharing among employees.

5. Data Privacy and Storage Policies 

Encouraging employees to follow data storage best practices, as well as implementing a zero-trust framework in your organization, ensures none of your end-users are unknowingly putting your data at risk.
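Practice 2 above asks for two separate controls: a length-and-complexity rule and a check against known breached passwords. The following is an added example, not code from the original post or from any password-policy product, showing how a registration or reset handler can enforce both. The breached-password corpus here is a constructed list of four entries; the lookup is shaped like a k-anonymity range query (hash the candidate with SHA-1, look up by the first five hex characters, compare the remaining suffix locally) so the same function could later be pointed at a large corpus or a range API without the full password ever leaving the client. Function names and the policy thresholds are assumptions for the example.

```python
import hashlib
import re

# Constructed sample of breached passwords. A real deployment would index a
# breached-password corpus (billions of entries) or query a range API instead.
_CONSTRUCTED_BREACHED = {"password123", "Summer2023!", "letmein", "Welcome1"}


def _sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1, the digest form used by common breached-password corpora."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Index keyed by the first five hex characters of the SHA-1; only suffixes are stored,
# mirroring the k-anonymity scheme in which a client sends the prefix and compares locally.
BREACH_INDEX = {}
for _pw in _CONSTRUCTED_BREACHED:
    _digest = _sha1_hex(_pw)
    BREACH_INDEX.setdefault(_digest[:5], set()).add(_digest[5:])


def breached_suffixes(prefix: str) -> set:
    """Stand-in for a range lookup: all known digest suffixes sharing this 5-char prefix."""
    return BREACH_INDEX.get(prefix.upper(), set())


def is_breached(password: str) -> bool:
    """True if the candidate's SHA-1 matches an entry in the breached-password index."""
    digest = _sha1_hex(password)
    return digest[5:] in breached_suffixes(digest[:5])


def check_password(password: str, min_length: int = 12, min_classes: int = 3) -> list:
    """Return the list of policy violations; an empty list means the password is acceptable."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    character_classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    present = sum(bool(re.search(pattern, password)) for pattern in character_classes)
    if present < min_classes:
        problems.append(f"uses fewer than {min_classes} character classes")
    if is_breached(password):
        problems.append("appears in a known breach")
    return problems


if __name__ == "__main__":
    for candidate in ("password123", "Summer2023!", "correct horse battery staple 42!"):
        verdict = check_password(candidate) or ["ok"]
        print(f"{candidate!r}: {', '.join(verdict)}")
```

Returning the full list of violations rather than stopping at the first lets the reset form tell the user everything that is wrong in one round trip; note that `Summer2023!` passes the complexity rule and is still rejected, which is exactly the case a complexity-only policy misses.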

Pentagon to Unveil Zero-Trust Cyber Strategy


The U.S. Department of Defense is preparing to publish a zero-trust strategy in the coming days. The motive is to reach a new level of cybersecurity, since cyber threat groups are constantly advancing their methods of targeting major firms.

Following the announcement, Pentagon Chief Information Officer John Sherman reported on Monday that he gave his approval to the new plan last Thursday and it is now going through the public review process. He also added that the documents will be out very soon. 

The department had previously reported that its new cybersecurity framework would be unveiled in September and seeks to put the Defense Department on a path to reach what is referred to as a “targeted” level of security by the year 2027.

David McKeown, deputy chief information officer for cybersecurity, said at the Billington Cybersecurity Summit, “We have a definition of what it takes to check the box and fulfill that particular capability. Those 90 capabilities are going to get us to what we’re calling targeted zero trust.” 

The framework is being prepared on the seven pillars of zero trust and comprises more than 100 activities including applications, automation, and analytics, to keep critical data secure. The Pentagon has increasingly been focusing on a zero-trust framework because it assumes a network is always at risk of being exposed to threats and it is a necessity that all users should be authenticated and authorized. 

“A key tenet of a zero trust architecture is that no network is implicitly considered trusted — a principle that may be at odds with some agencies’ current approach to securing networks and associated systems and all traffic must be encrypted and authenticated as soon as practicable,” according to the memorandum. “A couple are at the 90% level for meeting those targeted zero trust capabilities. So we’re really excited about that, that we have those three offerings. The fact that we’re pointing to the cloud continues our strategy overall in the department to increase our cloud utilization and it also furthers the federal government’s goal of increasing cloud utilization.”

The department also explained that the framework includes three methods for reaching zero trust goals, including uplifting each service and agency's current environment to satisfy the 90 capabilities and implementing an on-premises zero trust cloud that meets the highest level of zero trust.


A Matrix Update Patches Serious End-to-End Encryption Flaws

Recently the open source Matrix messenger protocol published security warnings on its platform about two critical-severity vulnerabilities that affect the end-to-end encryption in the software development kit (SDK). 

According to the warning, malicious actors are exploiting these vulnerabilities, which could break the confidentiality of Matrix communications. The vulnerabilities also allow threat actors to run man-in-the-middle attacks that expose message contents in readable form.

According to the technical details, users of clients built on matrix-js-sdk, matrix-android-sdk2 and matrix-ios-sdk, such as Element, Cinny, SchildiChat, Beeper, Circuli and Synod.im, have been hit by the bugs. The platform clarified, however, that clients using a different encryption implementation (Hydrogen, Nheko, ElementX, FluffyChat, Timmy, Syphon, Gomuks, Pantalaimon) are not affected.

The vulnerabilities were reported to Matrix by the researchers of Brave Software, the University of Sheffield, and the Royal Holloway University in London. The group published the technical details of the research findings. 

List of the critical severity flaws discovered by the team:

  • CVE-2022-39255: Same as CVE-2022-39251 but impacting matrix-ios-sdk (iOS clients).
  • CVE-2022-39251: Protocol-confusion bug in matrix-js-sdk, leading to incorrectly accepting messages from a spoofed sender, possibly impersonating a trusted sender. The same flaw makes it possible for malicious home server admins to add backup keys to the target's account.
  • CVE-2022-39250: Key/Device identifier confusion in SAS verification on matrix-js-sdk, enabling a malicious server administrator to break emoji-based verification when cross-signing is used, authenticating themselves instead of the target user.
  • CVE-2022-39257: Same as CVE-2022-39249 but impacting matrix-ios-sdk (iOS clients).
  • CVE-2022-39248: Same as CVE-2022-39251 but impacting matrix-android-sdk2 (Android clients).
  • CVE-2022-39249: Semi-trusted impersonation problem in matrix-js-sdk leading to accepting keys forwarded without request, making impersonation of other users in the server possible. Clients mark these messages as suspicious on the recipient's end, thus lowering the severity of the bug.
  • CVE-2022-39246: Same as CVE-2022-39249 but impacting matrix-android-sdk2 (Android clients).

Furthermore, the report lists two problems that are yet to receive an identification number: one allows malicious actors access to the home server, and the second concerns the use of AES-CTR.
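The CVE-2022-39249 entry above describes the defensive principle behind the fix in one line: a forwarded room key should only be trusted if the client actually asked for it, and then only from the device it asked. The following is an added illustrative model of that bookkeeping on the recipient side; it is not code from matrix-js-sdk or any Matrix client, and the class, field and status names are placeholders. An unsolicited forward is kept so messages remain readable, but it is flagged untrusted so the UI can mark the resulting messages as suspicious, as the entry says clients do, and it is never allowed to replace a key that was obtained through a legitimate request.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ForwardedKey:
    """A room-key forward as seen by the recipient (placeholder field names)."""
    room_id: str
    session_id: str
    sender_device: str   # device that sent the forward
    key_material: str    # opaque placeholder for the session key


@dataclass
class RoomKeyStore:
    """Tracks outstanding key requests and the trust state of every stored room key."""
    # (room_id, session_id) -> set of device ids this client explicitly asked for the key
    pending_requests: dict = field(default_factory=dict)
    # (room_id, session_id) -> (key_material, trusted)
    keys: dict = field(default_factory=dict)

    def request_key(self, room_id: str, session_id: str, from_device: str) -> None:
        """Record an outbound key request so a later forward can be matched against it."""
        self.pending_requests.setdefault((room_id, session_id), set()).add(from_device)

    def receive_forwarded_key(self, fk: ForwardedKey) -> str:
        """Apply the acceptance rule; returns 'accepted', 'stored-untrusted' or 'rejected'."""
        key = (fk.room_id, fk.session_id)
        asked_devices = self.pending_requests.get(key, set())

        if fk.sender_device in asked_devices:
            # Solicited, and from the very device we asked: trust it.
            self.keys[key] = (fk.key_material, True)
            asked_devices.discard(fk.sender_device)
            if not asked_devices:
                self.pending_requests.pop(key, None)
            return "accepted"

        if key in self.keys and self.keys[key][1]:
            # An unsolicited forward must never displace a key we obtained legitimately.
            return "rejected"

        # Unsolicited (or from a device we did not ask): keep it so messages can still
        # be decrypted, but flag it so the UI shows those messages as suspicious.
        self.keys[key] = (fk.key_material, False)
        return "stored-untrusted"

    def is_trusted(self, room_id: str, session_id: str) -> bool:
        """True only if the stored key arrived in answer to this client's own request."""
        entry = self.keys.get((room_id, session_id))
        return bool(entry and entry[1])


if __name__ == "__main__":
    # Constructed walkthrough: one solicited forward, one unsolicited forward.
    store = RoomKeyStore()
    store.request_key("!room:example.invalid", "sess-1", "DEVICE_A")
    print(store.receive_forwarded_key(ForwardedKey("!room:example.invalid", "sess-1", "DEVICE_A", "k1")))
    print(store.receive_forwarded_key(ForwardedKey("!room:example.invalid", "sess-2", "DEVICE_B", "k2")))
    print("sess-1 trusted:", store.is_trusted("!room:example.invalid", "sess-1"))
    print("sess-2 trusted:", store.is_trusted("!room:example.invalid", "sess-2"))
```

The detail worth noticing is the third branch: a forward that arrives while a request is outstanding but from a different device than the one asked is treated exactly like an unsolicited one, because matching on the session alone is the confusion the bug class exploits.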

How Often do Developers Push Vulnerable Code?

In a recent research report, Synopsys stated that 48% of organizations deliberately push vulnerable code in their application security programs due to time constraints. The survey was published after a thorough investigation of more than 400 U.S.-based developers who work at organizations that currently have CI/CD tools in place.

The survey report, named “Modern Application Development Security”, examined to what extent security teams understand modern development and deployment practices, and where security controls are required to lower the risk.

Following the survey, 60% of respondents mentioned that their production applications were exploited by OWASP top-10 vulnerabilities in the past 12 months. 42% of developers push vulnerable code once per month. 

The research stated that certain organizations knowingly push vulnerable code without a thorough understanding of the security risks they are taking. Under immense pressure, employees think that fixing the code does not fall within their bucket of responsibility.

Developers play a very important role in application security, but the report stated that they lack the skills and training. Nearly one-third (29%) of respondents say that developers within their organization lack the knowledge to mitigate issues identified by their current application security tools. Further, the report said that developers fix only 32% of known vulnerabilities.

The researchers also offered solutions for fixing vulnerabilities efficiently. A third of reported vulnerabilities are noise. To reduce false positives, scans must have access to all of the required data so that security tools can accurately determine whether a vulnerability exists. Reducing security noise will allow developers to address security issues confidently and on time.

Following the research, Tromzo CTO Harshit Chitalia said, “These findings show that developers regularly ignore security issues, but can we really blame them? Security teams are bombarding them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all while they are expected to release software more frequently and faster than ever before…” 

“…If we want developers to truly implement security, we must make it easy for them. This means integrating contextual and automated security checks into the SDLC so we can transition from security gates to security guardrails,” he further added.