If you’ve been paying attention to cybersecurity, it’s very likely you’ve seen news regarding Github’s survival of the largest DDOS attack recorded in history. Clocking in at 1.3 TBPS (terabytes per second) it’s impressive that their network didn’t tank. This is in part due to the services of Akamai who was able to successfully proxy and scrub the network traffic.
With the Center for Internet Security (CIS) set to launch version 7 of the CIS Controls (formerly the SANS Critical Security Controls) this March 19th, it’s a great time to review your cybersecurity posture and make sure you’re keeping pace. The latest update is expected to make minor changes that reflect the changing security landscape. While prioritization of the controls may change, it’s unlikely that many of the core controls will change substantively.
Imagine this scenario: It's Monday morning. As far as Mondays go, this looks to be a relatively light day. No changes were made over the weekend, so you do not anticipate any fires to put out. All you have to focus on are a couple meetings later this morning. Before those meetings begin, you check your favorite tech outlet (we recommend Cygilant Daily Security Briefing), and realize that a major vendor has announced a critical vulnerability. This vulnerability could potentially be on every node across your network. One executive finds out about this issue shortly after. He or she now needs to know where the company stands.
It’s been a busy week for information security in the retail and hospitality sector. Earlier last week, InterContinental Hotels Group (IHG) acknowledged a credit card data breach that impacted more than a dozen properties across their hotel brands spanning the United States and the Caribbean. Similarly, fast food chain Arby’s disclosed on Friday that it had recently remediated a breach of data on up to 1,000 of their corporate-owned locations.
Businesses must take IT security seriously because their financial future depends on it. IT security is a broad topic that covers a range of different fields.
Here we'll discuss common vulnerabilities and why companies must ensure their operational systems are well-protected from cybercriminals.
"Interjection vulnerabilities are one of the most common and oldest web application vulnerabilities."
1. Injection vulnerabilities
Interjection vulnerabilities, such as cross-site scripting and CRLF injection, are one of the most common and oldest web application vulnerabilities because it's easy for cybercriminals to access and affect (or infect) them.
Last week, it was reported by SiliconBeat that NASA’s CIO, Renee Wynn, had allowed an Authority to Operate (ATO) for a key network to expire because the network in question had over 15,000 critical vulnerabilities that had not been properly patched. The move was apparently intended to hold the contractor in charge of maintenance of the devices accountable for their contractual obligations by bringing visibility to the situation.
In a recent article on Credit Union Journal, I wrote about how to go beyond risk management to assess vulnerabilities in order to secure your data. It’s important to understand that vulnerability and risk are not the same thing. Risk is the probability of the vulnerability being exploited multiplied by the cost of damage it will cause. This is required for risk evaluation and will help you focus your remediation efforts as well as define compliance boundaries. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities especially in software and firmware. It works by analyzing computer systems for known vulnerabilities such as open ports, insecure software configuration, susceptibility to malware, etc.
With bugs like the glibc vulnerability announced nearly every day, it’s important to consider how your organization handles vulnerability management. How do you know which of your critical systems are exposed to which new vulnerabilities? If you had only one server or device to keep track of, you might know all the details of the device’s configurations; which software is running, and which versions are installed. But even then, keeping up with the latest CVE announcements and identifying which of these affect your system may be overwhelming, particularly if maintaining the device is not your only job. If you’re like many of the IT professionals we speak with every day, you’re wearing many hats and fighting constant fires. Therefore, it becomes critical to construct a comprehensive vulnerability management program to protect your organization. Here are three things every security professional should consider when building a vulnerability management program:
Another day, another update to install—if businesses stay on top of these software patches, are they well defended against cybersecurity threats? Only those who believe in the method known as “patch and pray” would say so. To patch and pray is to simply apply a patch and then hope for the best. But patches often deliver disappointing security performances, and the approach itself produces a fundamental flaw, which means companies should supplement patching with the proactive practice of vulnerability management.