Welcome to our blog series on Continuous Threat Exposure Management (CTEM), where we dig into the five essential stages of implementing a robust CTEM program. Coined by Gartner in 2022, CTEM is a powerful process that can help continuously manage cyber hygiene and risk across your online environment. It’s also a lot to think about when you’re starting out, so it helps to break things down. Our series begins with the crucial first stage: Scoping.

Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat Intelligence team. Here’s what you need to know from August.

Cross-Site Request Forgery (CSRF) is a serious web security vulnerability that allows attackers to exploit active sessions of targeted users to perform privileged actions on their behalf. Depending on the relevancy of the action and the permissions of the targeted user, a successful CSRF attack may result in anything from minor integrity impacts to a complete compromise of the application.

Modern organizations have sprawling attacks surfaces of known and unknown assets that grow each day. This means understanding and managing your external attack surface is more crucial than ever. But with the vast number of digital assets that organizations need to monitor, accurately identifying every component of your attack surface can seem overwhelming – which is why many turn to External Attack Surface Management (EASM).

Stolen credentials are the easiest route into your organization for a hacker. Verizon’s 2023 Data Breach Investigation Report found that threat actors used stolen credentials in 49% of attempts to gain unauthorized access to organizations. The problem IT teams face is knowing when credentials have been stolen or leaked in a breach – otherwise you’re waiting to respond to a security issue rather than handling it proactively.

The threat group USDoD posted on a dark web forum on July 24th to claim they’ve got hold of a large database of threat actors compiled by CrowdStrike. So far, the threat actor has released only a small sample of the data, but the forum post below claims that over 250 million records have been exposed. This could provide information on the aliases, recent activities, origins, and motivations of various cybercriminal groups and state-sponsored actors.

In November 2023, while conducting a security assessment on a client’s instance of the Oracle Integration Cloud Platform, I discovered a medium severity vulnerability nestled within the handling of the “consumer_url” URL parameter. This flaw unveiled a Cross-Site Scripting (XSS) vector that could be exploited by a user with malicious intent.

Every month, we bring you some of the key findings from Outpost24’s Threat Intelligence team, KrakenLabs. Here’s what you need to know from July.

Held in Breda, Netherlands, this year’s Cyber Resilience Day convened industry leaders and cybersecurity experts to address the topic of supply chain attacks and the latest digital threats. The event showcased a series of keynote speeches, panel discussions, and interactive workshops, equipping attendees with valuable insights and actionable strategies to strengthen their organizations’ cyber resilience.