Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How to Combat Asset Blindness in OT Security

One of the main challenges of OT security is the problem of compatibility. OT components often differ significantly from each other in terms of age and sophistication as well as software and communication protocols. This complicates asset discovery and makes it difficult to establish a consistent cybersecurity governance approach. Combating asset blindness in OT security begins with taking account of these differences.

node-ipc sabotages JavaScript developers

On March 15, in an apparent act of protest against the Ukraine crisis, a supply chain attack was created that affects users of the popular JavaScript front-end development framework Vue.js and the Unity Hub. The attack creates a file with an antiwar message and introduces security vulnerabilities, with an earlier version corrupting user files on machines with Russian and Belarusian geolocations, replacing characters with heart emoji.

Weekly Cyber Security News 18/03/2022

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. So many wonderful items to report on this week but limiting to three was a challenge. The first is a bizarre instance of a device literally talking to itself. Hilarious. Unless of course you end up with a massive bill for things you didn’t order…

NSA & CISA Kubernetes Hardening Guide - what is new with version 1.1

In March 2022, NSA & CISA issued a new version of the Kubernetes Hardening Guide – version 1.1. It updates the previous version that was released in August 2021. Kubernetes evolves fast, and Kubernetes adoption grows even quicker. Kubernetes has become a very popular target and therefore requires continuous enhancement of the protection measures.

How to Stop Container Escape and Prevent Privilege Escalation

Container escape is a security risk in which malicious players can leverage a containerized application’s vulnerabilities to breach its isolation boundary, gaining access to the host system’s resources. Once an attacker accesses the host system, they can escalate their privilege to access other containers running in the machine or run harmful code on the host. Depending on how vulnerable the host is, the actor could also access other hosts in the network.

6 Reasons Cyber Insurance Prices Are on the Rise

What’s happening today in the cyber insurance market is comparable to what happens to property insurance in a region that experiences a major hurricane or devastating flood. Not only are your company’s premiums increasing; oftentimes, insurers are scrutinizing your overall risk preparedness as part of their renewal process. In the first part of this two-part series, we’ll examine why cybersecurity insurance premiums have skyrocketed.

Digital Experience Reimagined for the Cloud & Security Service Edge (SSE)

The transition to the cloud has changed everything! It has upended where apps are hosted, as well as the movement of enterprises’ most valuable digital assets and sensitive data. Access has been redefined and firewall-based perimeters are a thing of the past. Now special considerations are required for users working from everywhere—on both managed and unmanaged devices—as well as for the ever-growing Internet of Things (IoT).

dompdf security alert: RCE vulnerability found in popular PHP PDF library

Recently, researchers from Positive Security published findings identifying a major remote code execution (RCE) vulnerability in dompdf, a popular PDF generation library. In their reporting, they outlined a way that code could be loaded into an application and then remotely executed while a PDF is being generated. Dompdf is used quite extensively within the PHP ecosystem, and is used within over 59,000 open source platforms and projects.

We need to bear in mind 5 key lessons when implementing a zero-trust model:

In today's ecosystems, a single enterprise can operate multiple internal networks, remote offices with their own local infrastructure, remote and/or mobile individuals and cloud services. According to the study published by NIST, this level of complexity is too much for legacy network security models that are based on the location of the company infrastructure, and there isn’t a single, easily identifiable perimeter for all elements.

With SBOMs, Sharing is Caring

Thanks to President Biden’s Executive Order on Cybersecurity (14028) last May, Software Bills of Material (SBOMs) are now discussed by developers, security and deployment teams and even boards of businesses around the world. These “ingredients” lists for software are mandated for those selling to the US Federal government and are quickly becoming an expected element of any software implementation. Rightly so.