AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web-shell to gain an initial foothold.
Here at Bulletproof we’re an international business. Though most of our work is in the UK, we’ve expanded our reach to places including the USA, Europe (I was in Zurich only last month) and most recently, Bangalore. Sometimes the life of a Bulletproof Compliance Consultant is as glamorous as you think.
MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the course of an attack. While MITRE’s full ATT&CK framework is publicly available, it can be characterized into 3 key elements.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. After last week’s news about a part of Docker Hub being exposed, things have got just a little bit worse. One of the most popular images has a root account vulnerability. Now, with someone knowing what people have, and that there is a potential hole, a target list becomes massively reduced…
A control weakness is a failure in the implementation or effectiveness of internal controls. Malicious actors leverage internal control weakness to circumvent even the most robust security measures. The wide range of internal controls, the increased number of new technologies, and the rate at which malware evolves necessitate data security control monitoring. Regularly monitoring allows organizations to test the effectiveness of their internal controls and expose weaknesses in their implementation.
Today, software is being developed at a breakneck speed. Agile development and the aggressive adoption of DevOps is leading to an abundance of functionality and feature sets, or pieces of code pushed out to consumers at a record pace. These one-click opportunities may indeed get us what we want, however, the game remains the same. The Achilles Heel is security vulnerabilities, regardless of technology maturity or speed of release.
One of the best parts of working on the Open Policy Agent at Styra is that we get to help people design authorization systems for both their platform and their custom applications. The other day we were talking someone through the design tradeoffs of authorization for their application, and the first decision they had to make was whether they wanted a centralized authorization system or a distributed authorization system. Both OPA and Styra support either, so we have no real bias.
In the world of cyber warfare, the internet has become a vital part of every walk of life. When it comes to downloading a file from the internet to your laptop or PC, you cannot be guaranteed a 100% safety due to the existence of fast and sophisticated cyber threats. Security vulnerabilities, data breaches, viruses, and malware have become very common and result in exploitation of the originality, integrity, and authenticity of any file you download from the internet.
On 18th April 2019, @ATTCyber gathered a panel of CISOs (and recovering CISOs) for a tweetchat to discuss some of the questions that we’ve always wanted to put to senior security folk. The virtual panel consisted of Thom Langford, Quentyn Taylor, James Gosnold, Andy Rose and Raj Goel; with participation from many others. Below I’ve summed up some of the key discussion points around each questions.
