The latest vulnerability, GhostCat, affects all versions (9.x/8.x/7.x/6.x) of Apache Tomcat released in the past 13 years. The new found vulnerability can allow hackers to take over unpatched systems.
With so many data breaches in the news, organization everywhere are reviewing their cybersecurity programs to ensure they stay out of the headlines. Since many high-profile data breaches have been caused by unaddressed vulnerabilities for which patches were available, organizations are increasingly looking to deploy solutions to help close these gaps.
How does vulnerability management help prevent hacks?
This week, an article on Healthcare Info Security pointed me to the Department of Health and Human Services' Office for Civil Rights' latest monthly newsletter which reminded HIPAA-covered healthcare organizations that software patching was a critical step in securing their networks and offered some advice about the tools and processes to implement. As the article points out, the advice applies to nearly all organizations, not just those in the healthcare sector, but it can be difficult for organizations to put into practice.
It was reported yesterday that Adobe has once again issued a critical patch for it’s Flash Player browser plugin due to a vulnerability that is being actively exploited to deploy malicious software. We’ve written before about the dangers of Flash and even Adobe has announced it will end support for the software at the end of 2020. However, while many security-minded professionals have heeded the advice to remove or enable click-to-run for this plugin, others have not. Many organizations still rely on websites and software that utilize the plugin for needed functionality and can’t simply remove the software entirely.
So often the cause of the major breaches we see in the news is failure by the organization to patch a software vulnerability for which a patch has long been available. Hackers know organizations often lag months or longer on installing available patches and they take advantage of these gaps in your security to gain access and cause harm. Oftentimes this lag is because the organizations do not have the time, resources, or technology needed to effectively identify vulnerabilities and implement the necessary remediation.
If you watched Zuck testify in Congress in early April 2018, you could feel the nation’s mindset around security and data privacy shifting in a positive direction. The people not in the security community learned that even when they think they’re protecting their data, they’re not. They might be asking themselves, what can I do to protect my data online? Delete my Facebook? Throw my cell phone into the abyss? Close my bank account? Then, you realize, we’d be lost without these life lines.
In this blog post, we will cover the vulnerability scan requirements for Payment Card Industry Data Security Standard (PCI DSS). The adoption of these requirements helps ensure that your environment is not only compliant with PCI regulations, but also meets best security practices. This vulnerability data can also help provide a deeper understanding of your environment and where time and attention needs to be spent.
One of the best ways to reduce risk quickly is to identify and remediate vulnerabilities across your network devices. And a vulnerability scanner can be a terrific way to seek out vulnerabilities lurking in your infrastructure. But how do you create a plan to scan your network devices regularly as new vulnerabilities continue to emerge, and what do you do with the scan results? A vulnerability scanner can be a great tool when you take the time to use it to its fullest. But all too often this type of software goes unused or underused because time isn’t easy to come by in most security organizations.
If you’ve been paying attention to cybersecurity, it’s very likely you’ve seen news regarding Github’s survival of the largest DDOS attack recorded in history. Clocking in at 1.3 TBPS (terabytes per second) it’s impressive that their network didn’t tank. This is in part due to the services of Akamai who was able to successfully proxy and scrub the network traffic.
This week, Cygilant announced its latest service available via the SOCVue Security Operations and Analytics Platform – Unified Vulnerability and Patch Management. Why is this unique and why is it important?