Over the last two weeks, many have had flashbacks to 2012 when Heartbleed was released and everyone scrambled to fix broadly used OpenSSL. Due to their nature, some applications and services are so prolific that when a vulnerability is identified it causes massive issues for vendors and customers alike. The latest of this kind of issue is the Log4j vulnerability that has been dominating the press.
2021 was the year businesses continued to adapt to new working patterns, digital transformation and battle the increasing threats from ransomware attacks. Here our panel of security experts share their predictions for the key security challenges and trends to look out for in 2022 ensuring you can beat the hackers at their own game.
This is the second in a two-part series discussing a still-unpatched userland Windows privilege escalation. The exploit enables attackers to perform highly privileged actions that typically require a kernel driver. Part 1 of this blog series showed how to block these attacks via ACL hardening. If you haven’t already, please read the first part of this series, because it lays an important foundation for this article. Interested readers can also check out the excellent Unknown Known DLLs...
Vulnerability management is becoming increasingly important to companies due to the rising threat of cyber security attacks and regulations like PCI DSS, HIPAA, NIST 800-731 and more. Vulnerability management is a comprehensive process implemented to continuously identify, evaluate, classify, remediate, and report on security vulnerabilities.
Owners and operators of Operational Technology (OT) environments are being increasingly tasked with providing more information and security controls for their OT Environments, whether those demands are driven by the board, executive orders, or new regulations. One of the biggest fallacies that we encounter when our customers begin monitoring their OT environment is the idea that OT systems are air gapped and completely isolated from IT systems.
This is part 2 of Trustwave’s 2022 Cybersecurity Predictions blog series. In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.
Threat actors are constantly evolving their tactics and techniques in the attack lifecycle and infiltrate company infrastructure. While most organizations are already performing vulnerability management based on CVEs by MITRE, few have considered the powerful correlations between threat intelligence, CVEs and the ATT&CK® framework. In this blog we highlight the benefits of bringing them together to drive focused remediation and improve cyber defense.
The US Cybersecurity and Infrastructure Agency (CISA) has issued a directive to federal agencies and other public bodies requiring them to take steps to reduce their risk of exploited vulnerabilities. CISA highlights the startling finding that hackers are exploiting up to 290 different vulnerabilities in these agencies.
Exchange admins now have another exploit to deal with despite still reeling from a number of high profile attacks this year including ProxyLogon and ProxyShell. A new high severity Remote Code Execution (RCE) exploit for on-premise Exchange Servers has been published and is being actively exploited in the wild.