Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CyCognito

cycognito

Gift or Grift? How Retailers Can Combat Cyber Threats This Season

Nov 21, 2024 By Emma Zaballos In CyCognito
A lot goes into deciding what to buy during the holiday shopping season – shipping times, sale prices, and finding the perfect gift for your niece (who is impossible to shop for) are likely to be at the top of your mind. Unfortunately, attackers are counting on that. An attacker’s best friend is urgency and Black Friday kicks off a perfect season for them.
Read Post
cycognito

Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474

Nov 20, 2024 By Emma Zaballos In CyCognito
On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.
Read Post
cycognito

How to Budget for EASM

Nov 18, 2024 By Tim Matthews In CyCognito
External Attack Surface Management, or EASM, has become a necessary component of a proactive cybersecurity strategy. According to research from Enterprise Strategy Group, over 65% of breaches stem from a compromised, externally exposed asset, so knowing your attack surface is key to avoiding breaches. Gartner, for this reason, is recommending EASM as a key pillar in the new approach to proactive security they call Exposure Management.
Read Post
cycognito

A New Framework: Understanding Exposure Management

Nov 11, 2024 By Emma Zaballos In CyCognito
Savvy security leaders are moving from the legacy framework of vulnerability management to the emerging framework of exposure management because it solves their biggest challenges. The attack surface, which now contains cloud assets, distributed and mobile employees, and Internet of Things (IoT) integrated into every aspect of the workplace, is too complicated and changes too quickly to be managed with outdated methods and technologies.
Read Post
cycognito

Emerging Threat: FortiJump (CVE-2024-47575)

Oct 29, 2024 By Emma Zaballos In CyCognito
CVE-2024-47575, also known as FortiJump, is a critical (9.8) missing authentication vulnerability affecting critical functions in FortiManager and FortiManager Cloud versions. Threat researcher Kevin Beaumont published a blog post on October 22nd, 2024 identifying this vulnerability as a zero day. This vulnerability is separate from CVE-2024-23113, which also affects FortiGate devices.
Read Post
Featured Post
cycognito

What Security Teams Need to Know About the EU's NIS 2 Directive

Oct 24, 2024 By Graham Rance, VP Global Pre-Sales In CyCognito
The deadline to get compliant with the EU's NIS 2 Directive is here. And this isn't just a minor update from its NIS 1 predecessor-it's a major expansion that carries with it new challenges and obligations. The directive now covers a whopping 300,000 organizations, up from just 20,000 under NIS 1. Sectors like aerospace, public administration, digital services, postal and courier services, and food production are now included. Organizations are classified into "essential" or "important" entities based on size and criticality to the economy.
Read Post
cycognito

Emerging Security Issue: Multiple Palo Alto Networks Expedition PAN-OS Firewalls Vulnerabilities

Oct 16, 2024 By Emma Zaballos In CyCognito
On October 9th, 2024, five vulnerabilities were disclosed by Palo Alto Networks: These vulnerabilities affect Palo Alto Networks Expedition, a tool that manages configuration migration from supported vendors to Palo Alto Networks systems.
Read Post
cycognito

Emerging Security Issue: Multiple CUPS Vulnerabilities

Oct 16, 2024 By Emma Zaballos In CyCognito
On September 26, 2024, four critical vulnerabilities, CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177, were disclosed in the open-source printing system Common Unix Printing System (CUPS) and its components. Attackers can leverage the remote code execution (RCE) and input validation vulnerabilities as part of an attack chain.
Read Post
cycognito

Emerging Security Issue: Fortinet FortiOS CVE-2024-23113

Oct 16, 2024 By Emma Zaballos In CyCognito
CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw uses an externally-controlled format string vulnerability in the FortiOS fgfmd daemon.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.