Thursday, August 26, 2021

A selection of the top articles and videos from the last week on SecuritySenses.com. Don't forget to check back regularly for daily updates from around the globe.

If you like SecurityBuzz, why not forward it to some friends or share the online version?

Until Next Time! 👏

Mobile app SDKs: The nesting dolls of hidden risk

25-Aug-21   |   By Hank Schless   |   In Lookout , Mobile

Here’s an obvious statement for you: mobile applications are essential to how we go about our lives. From sharing files with colleagues to managing finances and connecting with family and friends, they seem to be able to do everything we need. But here’s the catch: developers rarely build apps from scratch and security is not typically their top priority. To quickly add features, they often rely on prepackaged code known as software development kits (SDKs). Without knowing which SDKs an app uses and the vulnerabilities they bring along, individuals and organizations are exposed to risks that they may not even be aware of.

Compliance vs Risk Management: What You Need to Know

25-Aug-21   |   By Kasey Hewitt   |   In SecurityScorecard , Compliance

According to a study by Ropes & Gray, 57% of senior-level executives rank risk and compliance as the two areas they feel least prepared to address. There are many misconceptions about compliance and risk management. Both help protect the organization against threats to its legal standing and physical assets, and when people hear the two terms they often assume they mean the same thing. While the two overlap, it's important to understand how compliance and risk management differ so that each is handled correctly.

Hypergrowth Playbook: 7 best practices as you go from startup to scaleup

25-Aug-21   |   By Dipti Salopek   |   In Snyk , DevOps

Across the tech startup space, growth is on fire, and a key differentiator of success will be your ability to scale your talent at the pace needed. Having gone through this phase at several companies over the past decade, I've been pulled in to advise founders and heads of people at a number of earlier-stage startups. To make that easier, I drafted a Hypergrowth Playbook with my learnings, which we are happy to share openly to help the community at large. Here's a summary (there is much more in the playbook itself).

Stories from the SOC - SolarWinds Sunburst attack with malicious file

25-Aug-21   |   By Kristen Perreault   |   In AT&T Cybersecurity , Cyberattacks

In late 2020, SolarWinds disclosed a supply chain attack that spread to its customers and had gone undetected for months. The threat actors inserted malicious code, since named Sunburst, into the Orion platform and used the resulting access to reach organizations of all sizes and across industries. The trojanized code was delivered to those systems through a routine software update. Attacks like this are becoming more frequent, which raises the importance of security tooling that can quickly detect a potential breach.

How to cyber security: Invisible application security

25-Aug-21   |   By Jonathan Knudsen   |   In Synopsys , Application Security

Invisible application security is the concept of integrating and automating AppSec testing with little interruption to developer workflows. I really love the keyless entry system on my car. The “key” is not a key in the traditional sense; all I have to do is put it in my pocket and forget about it. When I reach for the car door handle, it simply unlocks. When I leave the car, I wave my hand over the handle to lock the car. This is nice because I don’t ever have to take the key out of my pocket, which lowers the risk that I will accidentally leave it somewhere or lock it inside the car.

Ensure data security and compliance in Slack Connect with Nightfall

25-Aug-21   |   By Chris Martinez   |   In Nightfall , Data Security

Slack as a product is constantly expanding with new functionality and integrations. Slack Connect is among the most popular new features Slack introduced in the past year and is growing in popularity because it's an easy way to stay connected with people you work with outside your organization, in real time and with all the features Slack offers. As new improvements or upgrades for Slack are released, data security and compliance should be a top concern for your teams.

The Next Big Challenge: Cloud Complexity

24-Aug-21   |   By Raen Lim   |   In Splunk , Cloud

Cybersecurity remains an ever-growing concern in our digitized, post-pandemic world. While rapid digitization opens doors to ample benefits and business opportunities, companies also have to deal with an uptick in cybercrimes, as criminals and other threat actors raise their game, making cyber attacks more frequent and complex than ever before. Consequently, businesses have suffered serious losses resulting from ransomware attacks, data breaches, and theft of trade secrets. Just recently in July, the Cyber Security Agency of Singapore (CSA) cautioned about the increase in cybercrime in Singapore which accounted for 43% of all crime in 2020 with a record number of 16,117 cases, up from 9,349 cases in 2019.

Web application security - 2021 update

24-Aug-21   |   By Danyel Loyd-Tate   |   In AT&T Cybersecurity , Application Security

Now more than ever, businesses depend on online sales to succeed during the pandemic. Unfortunately, this is also where cybercriminals are most successful. Internet security is complex and must continually change to keep up with the new cyber threats that come to light each day. One big threat that is typically overlooked is web application security. How important is it? You can get a sense by visiting OWASP, the Open Web Application Security Project, which organizes security-relevant information, including exploits of all kinds.

Overcoming cyber security alert fatigue

24-Aug-21   |   By The Redscan Team   |   In Redscan , Alerting

Organisations take a significant risk in relying on technology alone, however advanced. While good security technology can provide part of the answer, the sheer number of alerts generated demands constant attention. Without the right resources to analyse and manage these outputs, critical alerts may end up being ignored.

Changing eKYC regulations: Are FIs ready to make headway?

24-Aug-21   |   By Ayesha Kapoor   |   In IDcentral , Digital Identity

India ranks as one of the top two countries in the world in terms of digital adoption, according to a McKinsey report. Over the last few years, initiatives such as Aadhaar, the national biometric digital identity program, have enrolled over a billion Indians. India has also pioneered the Unified Payments Interface (UPI), a single platform, available as a mobile app, that allows instant and low-cost money transfers between people and businesses. The prolific use of APIs allows UPI integration with other apps such as DigiLocker, making know-your-customer (KYC) processes much faster than before.

Our vision for Cloud SOAR and the future

24-Aug-21   |   By Dario Forte   |   In Sumo Logic , SOAR

After a couple of hard-working months full of exciting strategic discussions following the acquisition of DFLabs by Sumo Logic that was concluded this May, we are surely moving forward and laying the groundwork for the future of our Cloud SOAR as a part of Sumo Logic’s Modern SOC Strategy. While we’re already delighted with the success our Cloud SOAR has achieved so far, our goal to be at the forefront of the cybersecurity industry leaves no room for dwelling on past achievements and forces us to always have one eye set on the future.

Joint PCI security and CSA guidance on scoping cloud environments

24-Aug-21   |   By Sergio Loureiro   |   In Outpost 24 , Cloud

As organizations move their infrastructure to the cloud, payment data is often exposed without their knowledge, leading to high-profile data breaches. Find out how the new guidance from the PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.

Active Directory Certificate Services: Risky Settings and How to Remediate Them

24-Aug-21   |   By Joe Dibley   |   In Netwrix , Active Directory

Active Directory Certificate Services has been around for a long time, but resources for learning it are not great. As a result, it is often misconfigured, and those misconfigurations are an increasingly common attack vector. SpecterOps released a whitepaper detailing a number of misconfigurations and the attacks they enable, along with hardening advice. In this blog, I cover several of the settings that can be misconfigured and how to spot them, offer several options for further hardening, and explain how to use a free tool to check your environment.
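As an added example, not code from the Netwrix post or from the tool it describes, here is the logic behind one of the template checks the SpecterOps research popularised: a template is dangerous when the requester may supply the subject name, the issued certificate can be used for client authentication, and neither manager approval nor an authorized signature stands in the way. The attribute names are the real LDAP attributes of pKICertificateTemplate objects; the template records at the bottom are constructed for this example rather than pulled from a directory.

```python
# Added example: flag AD CS certificate templates where a requester can choose
# the subject/SAN and get a certificate usable for client authentication with
# no approval gate. The attribute names match pKICertificateTemplate objects
# under CN=Certificate Templates,CN=Public Key Services,CN=Services,
# CN=Configuration,...; the sample records below are constructed, not real.

# Bit in msPKI-Certificate-Name-Flag: subject comes from the request.
CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT = 0x00000001
# Bit in msPKI-Enrollment-Flag: certificate manager approval required.
CT_FLAG_PEND_ALL_REQUESTS = 0x00000002

# EKU OIDs that let a certificate authenticate a principal to Active Directory.
AUTH_EKUS = {
    "1.3.6.1.5.5.7.3.2",       # Client Authentication
    "1.3.6.1.5.2.3.4",         # PKINIT Client Authentication
    "1.3.6.1.4.1.311.20.2.2",  # Smart Card Logon
    "2.5.29.37.0",             # Any Purpose
}


def esc1_reasons(template: dict) -> list:
    """Return the risky conditions a template meets; all four together are ESC1."""
    # LDAP hands these back as signed 32-bit ints (the default User template
    # has -1509949440); Python's & on a negative int still tests the low bits.
    name_flag = int(template.get("msPKI-Certificate-Name-Flag", 0))
    enroll_flag = int(template.get("msPKI-Enrollment-Flag", 0))
    ra_sigs = int(template.get("msPKI-RA-Signature", 0))
    ekus = set(template.get("pKIExtendedKeyUsage", []))

    reasons = []
    if name_flag & CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT:
        reasons.append("enrollee supplies subject")
    # An empty EKU list means the certificate is valid for any purpose.
    if not ekus or ekus & AUTH_EKUS:
        reasons.append("usable for client authentication")
    if not enroll_flag & CT_FLAG_PEND_ALL_REQUESTS:
        reasons.append("no manager approval")
    if ra_sigs == 0:
        reasons.append("no authorized signature required")
    return reasons


def is_esc1(template: dict) -> bool:
    return len(esc1_reasons(template)) == 4


def find_esc1(templates: list) -> list:
    """Names of templates meeting every ESC1 condition, sorted."""
    return sorted(t["cn"] for t in templates if is_esc1(t))


# Constructed sample records shaped like the LDAP attributes of real templates.
SAMPLE_TEMPLATES = [
    {   # default User template: subject is built from the directory, not the request
        "cn": "User",
        "msPKI-Certificate-Name-Flag": -1509949440,
        "msPKI-Enrollment-Flag": 41,
        "msPKI-RA-Signature": 0,
        "pKIExtendedKeyUsage": ["1.3.6.1.4.1.311.10.3.4", "1.3.6.1.5.5.7.3.4",
                                "1.3.6.1.5.5.7.3.2"],
    },
    {   # custom template: requester picks the subject, client auth, no gate
        "cn": "VPNUsers",
        "msPKI-Certificate-Name-Flag": 1,
        "msPKI-Enrollment-Flag": 0,
        "msPKI-RA-Signature": 0,
        "pKIExtendedKeyUsage": ["1.3.6.1.5.5.7.3.2"],
    },
    {   # requester picks the subject, but only TLS server authentication
        "cn": "WebServer",
        "msPKI-Certificate-Name-Flag": 1,
        "msPKI-Enrollment-Flag": 0,
        "msPKI-RA-Signature": 0,
        "pKIExtendedKeyUsage": ["1.3.6.1.5.5.7.3.1"],
    },
    {   # would be ESC1, but manager approval blocks self-service issuance
        "cn": "AdminAuth",
        "msPKI-Certificate-Name-Flag": 1,
        "msPKI-Enrollment-Flag": 2,
        "msPKI-RA-Signature": 0,
        "pKIExtendedKeyUsage": ["1.3.6.1.5.5.7.3.2"],
    },
    {   # no EKU (any purpose) but one authorized signature is required
        "cn": "LegacyAnyPurpose",
        "msPKI-Certificate-Name-Flag": 1,
        "msPKI-Enrollment-Flag": 0,
        "msPKI-RA-Signature": 1,
        "pKIExtendedKeyUsage": [],
    },
]

if __name__ == "__main__":
    for t in SAMPLE_TEMPLATES:
        print(f"{t['cn']:18} ESC1={is_esc1(t)!s:5} {', '.join(esc1_reasons(t))}")
```

A template that trips all four conditions is only exploitable if it is published on an enterprise CA and a low-privileged principal holds Enroll rights on it, so a real audit also reads the CA's certificateTemplates attribute and the template's security descriptor before raising an alarm; the flag logic above is the part that is easy to get wrong when done by eye.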

Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting

24-Aug-21   |   By Patrick Declusin   |   In ThreatQuotient , Cyberattacks

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kaseya have all been victims of such attacks, which went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” CISOs, and their teams on the front lines, need answers fast. But when attacks like these happen, the details they need to understand whether they are impacted and how to mitigate risk never arrive soon enough. And once details

Vulnerability Management: Process, Life Cycle, and Best Practices

24-Aug-21   |   By Emily Heaslip   |   In Nightfall , Security

Vulnerability management is a full-time occupation. This cybersecurity function is iterative and involves constant monitoring, documentation, and review. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall. Here’s how vulnerability management works, the ins and outs of the vulnerability management life cycle, and best practices to implement at your organization.

What are bots costing gaming and betting companies?

24-Aug-21   |   By Alex McConnell   |   In Netacea , Bots

As the pandemic pushed more businesses to an online-first model, cybercriminals seized opportunities to profit from fraudulent activity. But the financial impact of these attacks on businesses has been hard to quantify. Netacea recently surveyed 440 businesses from across the USA and UK to understand how much financial impact bot attacks are having across different industries.

A Real-World Look at AWS Best Practices: Storage

24-Aug-21   |   By Jenko Hwong   |   In Netskope , Cloud

Best practices for securing an AWS environment are well documented and generally accepted, for example in AWS’s own guidance. However, organizations may still find it challenging to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers covering the security settings of 650,000 entities across 1,143 AWS accounts and several hundred organizations. We’ll look at the configurations from the perspective of the best practices and see what commonly occurs in the real world.

Elastic and build.security: Shifting left together to secure the cloud

23-Aug-21   |   By Ashutosh Kulkarni   |   In Elastic , Cloud

Since its inception, Elastic Security has had a clear mission: to protect the world's data and systems from attack. We started with SIEM, built on top of the Elastic Stack, applying its fast and scalable search capabilities to detect security vulnerabilities across all threat vectors. Next, we joined forces with Endgame to integrate endpoint security into Elastic Security, and allow customers to prevent, detect, and respond to attacks from a single, unified platform. With the recent release of Elastic Security Limitless XDR and the general availability of Elastic Agent, we furthered our mission.

What is Digital Forensics? Defining Digital Forensics and Incident Response

23-Aug-21   |   By Devo   |   In Devo , Incident Response

According to Research and Markets, the worldwide digital forensics market will expand at a compound annual growth rate of 13% through 2026. The rise of cybercrime is most certainly driving its growth — especially since digital forensics plays a critical role in mitigating cyberthreats in the modern security operations center (SOC).

Defending against the cyber pandemic demands holistic security and intelligent DevSecOps

23-Aug-21   |   By Anna Chiang   |   In Synopsys , Application Security

Learn how Synopsys AppSec tools and services can help your organization deliver a holistic security approach to address rising cyber threats. Not only has the number of cyber attacks increased dramatically in 2020, but the ingenuity and scale of the attacks has also jumped way off the charts. The SolarWinds attack was “the largest and most sophisticated attack the world has ever seen” with the number of software engineers working on these attacks estimated to be over 1,000. Taking a holistic systems security approach and applying secure DevSecOps best practices

What is Endpoint Security?

23-Aug-21   |   By Reciprocity Labs   |   In Reciprocity , Risk Management

In enterprise networks, endpoints are the devices at the edge of the network: laptops, desktops, servers, Internet of Things (IoT) devices, and mobile devices. These devices give users access to the corporate network and are therefore indispensable for day-to-day operations. Endpoints also, however, expand a company’s attack surface, since each one can be targeted by threat actors through ransomware, phishing emails, social engineering, and so forth. That’s why endpoint security should be part of every organization’s cybersecurity risk analysis and management plan.

Frontline privacy observations from deploying the EU's new..

23-Aug-21   |   By Sophie Chase-Borthwick   |   In Calligo , Compliance

Our Data Privacy Services team collates the most interesting practical ramifications from implementing the new SCCs with our GDPR services customers. In our latest update of the Data Privacy Periodic Table, we included reference to the EU’s June 2021 release of substantially updated Standard Contractual Clauses (SCCs), triggered by 2020’s Schrems II ruling. The new, far more substantial SCCs have been largely welcomed. After all, their main update is to fill in a glaring practical gap (that with hindsight appears incredible to have ever existed) of covering data moving from EU processors, not just controllers. In fact, the general theme of the new SCCs is to ensure they are of more operational use than their predecessors.

How Tripwire Can Help to Defend Against Ransomware

23-Aug-21   |   By David Bisson   |   In Tripwire , Malware

Ransomware is having a bit of a moment. Check Point revealed that ransomware attacks increased 102% globally in H1 2021 compared to the start of the previous year, with the number of corporate ransomware victims having doubled over that same period. Average ransom payments also grew 171% from $115,123 in 2019 to $312,493 a year later. But those weren’t the amounts originally demanded by attackers. Indeed, ransomware actors wanted an average of $847,344 from their victims in 2020. Some wanted as high as $30 million.

A Comprehensive Approach to DAST

23-Aug-21   |   By Subho Halder   |   In Appknox , AST

In the modern DevOps framework, security has shifted left and Application Security Testing (AST) techniques like DAST have become even more important. The latest Forrester reports indicate that application weaknesses and software vulnerabilities are the most common attack methods, and businesses fall victim to ransomware every 11 seconds. Further, modern-day businesses are constantly grappling with fast-paced development and industry disruption. Hence, DAST emerges as a powerful tool for performing thorough, dynamic scans of an application while it is running.

What is Shadow IT? And How to Manage It

23-Aug-21   |   By Kasey Hewitt   |   In SecurityScorecard , Networks

Everything connected to your network poses a security risk. Every application on every device poses a threat to that device which then increases your security risk profile. Ultimately, organizations need visibility into all users, applications, and devices on their networks. Whether arising from employees using personal devices or downloading applications to corporate devices, shadow IT is becoming a bigger problem for organizations. To enhance your security posture, you need to understand what shadow IT is, the risks it creates, and how to mitigate those risks.

Using Threat Modeling to Boost Your Incident Response Strategy

22-Aug-21   |   By Tripwire Guest Authors   |   In Tripwire , Incident Response

Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed. Threat modeling has a two-way relationship with incident response.

Network segmentation: Importance & Best Practices

22-Aug-21   |   By Editor   |   In Cyphere , Networks

Traditional cyber security techniques usually fail to meet the security requirements of today’s corporate industries and businesses. As the digital world has evolved, so have cyber security threats and risks. It has become more difficult to rely on a single security solution or a single line of defence.

Data protection and the Age-Appropriate Design Code

20-Aug-21   |   By Adindu Nwichi   |   In Bulletproof , Data Protection

A 2019 report by Ofcom shows that 50% of ten-year-olds own mobile phones, while viewing of video-on-demand (with YouTube the firm favourite) has doubled among children in the last five years. Platforms like TikTok are rapidly growing in popularity. Sadly, more and more children are being exposed to hateful, violent and disturbing content on these platforms.

What is ISO/IEC 27001? A Clear and Concise Explanation for 2021

20-Aug-21   |   By Edward Kost   |   In UpGuard , Compliance

ISO/IEC 27001 is the leading international standard for information security management, specifying the requirements for an information security management system (ISMS). It was created jointly by two prominent international standards bodies, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which is why the standard is formally prefixed with ISO/IEC, though "IEC" is commonly left out to simplify referencing. ISO/IEC 27001 belongs to the ISO/IEC 27000 family of standards, which together cover different aspects of information security, including information security management systems, security techniques, and security requirements.

Key insights from the Conti ransomware playbook leak: establishing a foothold

20-Aug-21   |   By George Glass   |   In Redscan , Malware

The Conti ransomware group has been one of the most prolific in the industry since it was first observed in 2020. A recent insider leak has provided valuable intelligence about the tactics, techniques and procedures (TTPs) utilised by the group, including step-by-step manuals and instructions for operators. Even by ransomware standards, Conti is regarded as one of the most ruthless and damaging gangs in operation. Frequently targeting hospitals, emergency medical networks and other organisations, its average ransom payment is $849,581. The FBI has associated the ransomware-as-a-service variant with more than 400 cyber-attacks against organisations around the world.

Impact of modern ransomware on manufacturing networks

20-Aug-21   |   By Carnell Council   |   In AT&T Cybersecurity , Malware

Manufacturing facilities employ assembly lines, material handling systems, motors, and furnaces that all require big physical machines. Innovative trends in the manufacturing industry and the advancement of operational technology have also meant introducing computers across operation and production systems. Operational technology (OT) is the category of computing and communication systems used to manage, monitor, and control industrial operations, with a focus on the physical devices and processes involved, from process assets to manufacturing and industrial equipment.

Reflections on trusting plugins: Backdooring Jenkins builds

20-Aug-21   |   By Brian Hysell   |   In Synopsys , CI CD

In this post we explore how an attacker who has compromised a Jenkins instance can backdoor software built with it and what security measures are critical to ensure protection against attacks.

What is a Third-Party Risk Assessment?

20-Aug-21   |   By Reciprocity Labs   |   In Reciprocity , Risk Management

A third-party risk assessment is an analysis of the risk introduced to your organization via third-party relationships along the supply chain. Those third parties can include vendors, service providers, software providers and other suppliers. Risks to be considered include security, business continuity, privacy, and reputational harm, as well as the risk that regulatory compliance obligations might force you to stop working with a party until its issues are addressed. Third-party risk assessments are a crucial part of every third-party risk management (TPRM) program.

Cybersecurity experts are currently drowning in ransomware attacks

19-Aug-21   |   By Nahla Davies   |   In AT&T Cybersecurity , Cyberattacks

U.S. President Joe Biden is under pressure to take a stand against a relentless pace of cyberattacks. Russian-speaking hackers have claimed responsibility for a recent ransomware assault on IT management software provider Kaseya. The group, known as REvil, launched a bombshell supply chain attack over the weekend of July 4th, 2021 against Kaseya VSA and multiple managed service providers. The incident affected both Kaseya VSA and the many companies whose information technology is managed through it, essentially the digital backbone of those businesses' operations.

Cybersecurity Visibility is the Key for Business, Security and SOC Alignment

19-Aug-21   |   By Devo   |   In Devo , SecOps

It has become obvious that visibility is one of the critical pillars for the success of any organization’s cybersecurity program. Research by ESG found that nearly 80% of organizations with a lack of visibility into their assets report roughly three times as many incidents. That sobering statistic is cited in a recent report from SANS, Making Visibility Definable and Measurable, that examines the issue from multiple perspectives. Devo sponsored the SANS report because we built the Devo Platform and our Security Operations application on a foundation of providing security visibility into all aspects of an organization’s data, to help align the business, its security strategy, and its security operations center (SOC) team.

Forrester recognizes Synopsys as a leader in Software Composition Analysis

19-Aug-21   |   By Mike McGuire   |   In Synopsys , News

Black Duck ranks highest in Strategy and receives the highest possible scores in the Product Vision, Market Approach, and Corporate Culture criteria. This week, Synopsys was named a Leader in “The Forrester Wave™: Software Composition Analysis, Q3 2021,” based on Forrester’s evaluation of Black Duck, our Software Composition Analysis solution. Forrester evaluated 10 of the most significant SCA providers against 37 criteria. We are proud to be recognized as a leader, and to receive the highest score in the strategy category.

Hunting for Detections in Attack Data with Machine Learning

19-Aug-21   |   By Michael Hart   |   In Splunk , Machine Learning

As a (fairly) new member of Splunk’s Threat Research team (STRT), I found a unique opportunity to train machine learning models in a more impactful way. I focus on the application of natural language processing and deep learning to build security analytics. I am surrounded by fellow data scientists, blue teamers, reverse engineers, and former SOC analysts with a shared passion and vision to push the state of the art in cyber defense. STRT has collected real-world and simulated attack data that allows me to not only use machine learning to discover attack activity but identify how to transform insights into detections for the benefit of our customers.

Are You Being Measured Against Your Real Attack Surface?

19-Aug-21   |   By Rezilion   |   In Rezilion , Cyberattacks

Security teams are overwhelmed. An ongoing talent shortage in the industry makes it difficult to hire when help is desperately needed. In fact, a survey of security professionals conducted by Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA) finds 38% think a talent shortage has led to overwork and burnout at their organizations — a 12% increase since 2020. For those on the job, finding meaningful signals amid all of the noise from numerous security tools is a constant challenge.

Why speed matters in Static Application Security Testing (SAST)

19-Aug-21   |   By Frank Fischer   |   In Snyk , AST

Static Application Security Testing (SAST) tools automatically scan application source code for vulnerabilities. These tools can provide essential security feedback during development, but this feedback is really only helpful if the scans are in real time. In this post, we’ll discuss why speed is critical for SAST tools and how Snyk Code combines speed with accuracy and breadth to deliver a dramatic improvement in the security posture of an application.

Copyright © 2021 OpsMatters, All rights reserved.

