While adjusting to life under a pandemic, we’ve become familiar with a host of medical and safety terminology that either didn’t exist before or was of little interest to anyone not in the medical or scientific community. Phrases like social distancing, contact tracing, and super-spreader have now become part of the common lexicon. They matter to us because we want to be safe and we want to keep our loved ones and friends safe, too. … More
Virsec announced the release of the Virsec Security Platform (VSP) 2.0, a powerful solution for container workload protection with runtime visibility and zero-dwell-time defense throughout running container images, and including binaries, libraries, interpreted code and memory. The new solution enhances the already deep cybersecurity capabilities of the Virsec platform, adding contextual awareness and delivering precise, automated protection that stops known and evolving cyberattacks within containerized application workloads deployed and running in production. Containerized workloads used … More
Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. Through January and February 2021, certain hacking groups exploited zero-day vulnerabilities in Microsoft Exchange Server software to access email accounts and place web shells for continued access. Web shells are pieces of code or scripts that enable remote administration. Other hacking groups followed suit starting in early … More
Over the past year, 65% of people around the world report spending more time online than ever before, likely a result of the COVID-19 pandemic. As we connected to the internet for everything from work and school to entertainment, social connection and even groceries, cybercriminals took advantage and launched coordinated attacks and convincing scams. NortonLifeLock revealed that in the past year nearly 330 million people across 10 countries were victims of cybercrime and more than … More
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped SOC is often no match for a simple misconfiguration error. Organizations have piled security controls upon security controls, and still remain largely blind to the most serious threats they face. Why? Because they are often blind to the attackable surface. Defenders think in lists, adversaries think in attack graphs The … More
Here’s an overview of some of last week’s most interesting news, articles and reviews: SAP applications are getting compromised by skilled attackers Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases security patches. Office 365 phishing campaign uses publicly hosted JavaScript code A new phishing campaign targeting Office 365 … More
March kept us all very busy with the ongoing out-of-band Microsoft updates for Exchange Server and the printing BSODs, which plagued us since last Patch Tuesday. It looks like a standard release of updates from Microsoft next week, but before we get to patching vulnerabilities, I would like to focus on the need to discover and report on them. I entered the software and security market back in the mid-1980s when the internet was growing … More
ShiftLeft introduced ShiftLeft CORE, a unified code security platform. Powered by ShiftLeft’s Code Property Graph (CPG) engine, the ShiftLeft CORE platform features NextGen Static Analysis (NG SAST), a modern code analysis solution built to support developer workflows; Intelligent Software Composition Analysis (SCA), which scores code vulnerabilities based on whether an attacker can reach it; and ShiftLeft Educate, which delivers contextual security training for developers within the developer workflow. “With security of the software supply chain … More
VMware unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes. The new solution will help increase visibility, enable compliance and enhance security for containerized applications from build to production in public cloud and on-premises environments. “Containers and Kubernetes are enabling organizations to develop and modernize applications faster than ever, but the innovation is also expanding the attack surface,” said Patrick Morley, senior vice president and general manager, Security Business Unit, VMware. … More
In the people-process-technology triad, human error is the top reason for breaches, accounting for 70% of successful attacks, a Cyberinc survey reveals. The next biggest cause is vulnerability management through patches and upgrades, accounting for just 14% of successful attacks. Securing remote users is top priority The report also shows that more than 60% of respondents said that securing remote users is their top security priority in 2021, and roughly three-fourths of individuals indicated that … More
A little over a decade ago, John Kindervag outlined the Zero Trust security model. As a VP and Principal Analyst on the Security and Risk Team at Forrester Research, he spent years doing primary research and the result was a new model of trust, a new approach to cybersecurity, and a security strategy designed to stop the mounting data breaches. In the intervening years, Zero Trust gained many adherents and proponents, and with good reason: … More
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system, Positive Technologies researchers have found. There is no PoC currently available and no mention of the vulnerabilities being exploited in the wild. Nevertheless, administrators are advised to implement provided security patches or temporary workarounds as soon as possible. VMware vRealize Operations vulnerabilities could lead to RCE … More
