Aggregator

By Scott ArciszewskiThis post, the second in our series on cryptography in the c

The world of APIs is changing fast ? as is what it takes to secure them. Our new Power of N campaign explains why.

At Tenable, our mission is to manage and reduce cyber risk, because cyber risk is business risk. Feedback from dozens of top CISOs is reflected in our latest brand evolution. Tenable is the exposure management company that helps customers know where their weaknesses lie, expose their risk and close the gaps. Welcome to Tenable. Your exposure ends here.

Today marks the beginning of the next era for the Tenable brand.

Ten months ago, I joined Tenable feeling incredibly energized by the opportunity ahead. We had an expanding portfolio of world-class exposure management solutions and a worldwide reputation for excellence, integrity and trust.

And when I began meeting with customers, I discovered an asset I did not fully anticipate – extreme brand relevance.

While Tenable has been around for more than two decades, it became clear that everything Tenable has done since its start has been leading up to this market moment.

Are we at risk?

Sit down with any CISO, and you’ll quickly understand how tough their job is right now.

They’re on the hook to securely adopt new technologies to accelerate transformation while doing more with less. Above all, they are under intense pressure to reduce business risk. And if they fail it’s not just a career setback, it could mean jail time.

This would be a massive challenge under any conditions, but it comes at a time when the modern attack surface is exploding in size and complexity. Most security teams manage multiple clouds and identities across a converged IoT, OT and IT landscape. And each technology brings its own security tools. The result is a deeply divided approach to seeing and doing battle against cyber risk.

Amidst all that complexity, security leaders are looking to answer one simple question: are we exposed and are we at risk?

As the pioneers of both the vulnerability management and exposure management movements, there’s no company better positioned to help them answer this question than Tenable.

Today, we’re launching a refreshed brand and website to tell the world how we’re doing it.

Know, expose, close

At the heart of our new brand lies the differentiated value we bring our customers. We give enterprises the unmatched ability to:

• KNOW their weaknesses: Gaining an all-inclusive view of cyber risk that uncovers the truth about deadly gaps across all assets and attack pathways.
• EXPOSE their risk: Identifying, understanding and quantifying the cyber weaknesses with the greatest potential to erode their enterprise’s value, reputation and trust.
• CLOSE their gaps: Taking swift action to eradicate priority cyber exposures anywhere to reduce business risk everywhere.

By radically unifying security visibility, insight and action across the attack surface, we’re equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between.

Check us out at Black Hat

To learn more about what we’re doing to isolate and eradicate the cyber exposures that hold organizations back, have a look around our website and our Black Hat presence in Las Vegas this week. We’ll look and sound a little different as we reflect our expanded portfolio and impact.

You’ll have a chance to experience the new ways we’re uncovering where exposures live – in the cloud, in OT/IoT environments, and even in the identities of the devices and personnel on organizational systems. And find out how our newly introduced Vulnerability Intelligence and Exposure Remediation features once again take vulnerability management to the next level.

We hope to see you on the floor at Mandalay Bay (we’re in booth #1932). Also, catch our speaking slots on Wednesday, August 7. 

A singular promise

For today’s security teams, the rise of cyber threats can feel unstoppable. At Tenable, we believe every enterprise has the right to be free of cyber exposure and worry.

Today is a very special day as we introduce the world to our new brand and the singular promise it makes to our customers: Your Exposure Ends Here.

Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.

A threat actor has reportedly claimed responsibility for leaking a database belonging to SisaCloud, Thailand’s School Information System Advance. This alarming news was first reported by DailyDarkWeb on their social media platform, X.com, raising significant concerns about the security of educational data in Thailand. Details of the Alleged Leak The threat actor claims that the […]

The post Threat Actor Allegedly Claims Leak of SisaCloud Database appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Cybersecurity experts have uncovered a sophisticated Android spyware, LianSpy, targeting users to steal sensitive data. This spyware employs advanced evasion techniques, making it a significant threat to Android device users worldwide. How LianSpy Operates LianSpy begins its operation by determining if it runs as a system app, granting it automatic permissions. If not, it requests […]

The post New LianSpy Attacking Android Users to Steal Sensitive Data appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). "The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data," cybersecurity vendor BI.ZONE said in a new analysis. The cyber attacks employ

Network Security / Threat IntelligenceOrganizations in Kazakhstan are the target of a threat activ

Today, decision makers at the world’s largest enterprises, from the CISO to the CEO, are increasing

Prioritizing vulnerabilities with context has always been a challenge for vulnerability management t

Prioritizing vulnerabilities with context has always been a challenge for vulnerability management teams – and this task isn’t getting easier as published CVEs continue to grow. To remedy this, many enterprises are forced to invest in products and services to protect their environments with various intelligence data and tools. In this blog, we explain how Tenable Vulnerability Intelligence and Exposure Response help organizations to make data-driven decisions to better prioritize and operationalize their programs.

Vulnerability management presents a seemingly insurmountable obstacle for organizations: How to deal with a massive and rapidly growing number of published Common Vulnerabilities and Exposures (CVEs). As an organization that has been focused on vulnerability management from the beginning, Tenable also grapples with this issue but with an added complication: because of our broad customer base, we need to cover as many CVEs in as many products as possible while maintaining risk context, accuracy and reliability.

The solution isn’t to try to check for every possible combination of CVEs and affected products. We have to prioritize the most critical vulnerabilities with accurate and targeted context. To make these decisions quickly and precisely, Tenable leverages a vast, searchable database of vulnerability information from both external sources and from Tenable Research. This is the same data source that drives a new capability in the Tenable Vulnerability Management product called Vulnerability Intelligence, which is aimed at helping customers better operationalize their vulnerability management programs and make quick data-driven prioritization decisions.

It’s bad and getting worse

We’re only halfway through 2024, and we’re well on pace to exceed 30,000 published CVEs this year. Further complicating matters, we’re seeing more and more CVEs in underlying components, frameworks, and language libraries. This means organizations aren’t fixing a single application but rather tracking down and fixing every application that leverages the impacted vulnerable component.

Leveraging Vulnerability Intelligence to build prioritization strategies

 At Tenable, beyond our everyday efforts to provide up-to-date vulnerability coverage for releases of major products, we are constantly on the lookout for the next major vulnerability to ensure we can respond as quickly as possible. Leveraging the contextual data from Vulnerability Intelligence is critical to ensuring we can make informed decisions quickly. Additionally, with the significant backlog that the National Vulnerability Database (NVD) is facing, our Vulnerability Intelligence dataset has allowed us to keep up to date with the latest vulnerabilities and risks as we are not tied to a single data source.

Opening up Vulnerability Intelligence brings you to a set of hexagons that represent risk categories of vulnerabilities that we want to highlight as having the highest level of threats. While not exclusively the decision criteria used, the categories in Vulnerability Intelligence are based on data points that feed into the Tenable Vulnerability Database which drives our risk rating decisions. 

Categories include: 

• Emerging Threats is a set of vulnerabilities that are being actively monitored by our Security Response team and often have a direct path from that team to the development of plugins to cover those vulnerabilities, particularly those in the Vulnerabilities of Interest and Vulnerabilities of Concern category.
• VPR gives our teams a numerical score to quickly input and sort on, though as with any score, understanding the context behind it is critical.
• Ransomware highlights vulnerabilities associated with this type of attack, particularly in major enterprise applications as those can lead to attacks that are particularly dangerous for any organizations.

As can be seen in the screenshot above, focusing on any of these target categories can significantly reduce the numbers of CVEs to focus on. Contrasted against the about 250,000 CVEs that have been published, the numbers above become far more manageable and speak to real risk, as opposed to the severity scores that come from leveraging CVSS metrics.

Turning data into a prioritization strategy

Many organizations are still building operations around basic prioritization metrics - whether it’s targeting specific products, CVSS scores or proprietary mandates. Often this is because of a need to adhere to a specific compliance standard, or simply because of a need to have something that can be measured. While tracking and measuring against a simple CVSS score or severity can be straightforward, it does not provide a lot of context and it is not a strategy that has a demonstrable impact on risk.

 

That’s where the new Exposure Response capability in Tenable Vulnerability Management also helps us. Exposure Response enables teams to develop vulnerability management strategies that are measurable and reflect real world risk. One of the most important tools in any VM program is the ability to track performance. Unfortunately, most graphs end up looking like a flatline because the number of new vulnerabilities coming in ends up canceling out the number of vulnerabilities that get remediated on an ongoing basis. By having more focused targets, it is possible to truly measure performance over time and set achievable SLA targets.

 

 

CISA KEV Initiatives

The U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities (KEV) catalog (KEV) has become a valuable and popular resource that brings focus to a particular set of vulnerabilities which have evidence of exploitation in the wild. While the KEV is not comprehensive, the risk associated with these particular CVEs, and the attention many organizations pay to the KEV, has made it one of several benchmarks our Tenable Research teams use for tracking vulnerability coverage. Using Exposure Response, vulnerability management teams can similarly create a trackable CISA KEV-based initiative to benchmark their remediation efforts against. As mentioned previously, SLAs and benchmarks are critical for any remediation strategy. We strive to have coverage for KEV vulnerabilities as quickly as possible, ideally before they hit the KEV but, if not, often within hours of publication to the KEV.

Exposure Response provides the exact tools needed to put these sorts of measurements into place. Given the visibility and risk associated with the KEV, it may make sense to set an SLA of just a few days and aim for maintaining a benchmark of >90% of findings remediated. The key is ensuring that the strategies that are put in place are measurable and achievable.

Unlike the 250,000 CVEs that have been published, to date there are only 1,134 CVEs in the CISA KEV catalog. With only a handful of CVEs added to the KEV each month, this is an impactful set of CVEs that teams can actually measure performance against.

Conclusion

Prioritization and operationalization of vulnerabilities has long been a major challenge for vulnerability management teams. The sheer number of vulnerabilities published year after year means that teams simply can’t keep up and the lack of easy-to-access context means that prioritization is often either a guessing game, a massive amount of work, or a limited effort that falls short, such as focusing only on CVSS severities. Tenable Vulnerability Management introduced Vulnerability Intelligence with all the context needed in one place and Exposure Response to operationalize the targeted and measurable vulnerability management workflow.

Learn more

• Attend our webinar, From Frustration to Efficiency: Optimize Your Vuln Management Workflows and Security with Tenable
• Read the press release
• Get more information about Vulnerability Intelligence and Exposure Response
• View the Tenable Vulnerability Management product page

A threat actor has claimed responsibility for breaching Gregory’s Foods, a well-known supplier of frozen bread, bun, and cookie doughs, among other bakery products. The announcement was made on a dark web forum, where the alleged hacker stated that a 400GB database file from Gregory’s Foods is now up for sale. This breach has raised […]

The post Threat Actor Claiming Breach of Gregory’s Foods 400Gb Database appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Hackers often make use of fake AI editor websites for several illicit purposes with malicious intent.  Among their prime activities are deceiving users into providing personal information, downloading malware, making payments for fraudulent services, and many more. Recently, cybersecurity researchers at Trend Micro identified a sophisticated malvertising campaign that targeted social media users through a […]

The post Beware Of Fake AI Editor Website That Steals Your Login Credentials appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

The launch date for the repeatedly delayed replacement service for Action Fraud, the much-criticize

Keytronic incurred approximately $17 million of expenses following ransomware attackPrinted ci

Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million. In June, Keytronic disclosed a data breach after a ransomware group leaked allegedly stolen personal information from its systems. The company did not provide any info on the ransomware operation that hit its […]

Пользователям предлагают установить uBlock Origin Lite или искать альтернативу.