Read Time:5 Second
Following government sanctions against Russia, Internet providers have had to learn how to implement actions
Monthly Archives: August 2022
#DEFCON: CISA Director Praises Congress and International Cybersecurity Cooperation
Three Extradited from UK to US on $5m BEC Charges
Everything you need to know about the new features in VSS & MVP
Read Time:3 Minute, 34 Second
This blog was written by an independent guest blogger.
Since AT&T launched its Vulnerability Scanning Service (VSS) in 2012, in partnership with DDI/HelpSystems, over 30 million devices have been scanned. The VSS provides vulnerability management services that help organizations identify vulnerabilities on their network and manage their swift remediation. Similarly, the AT&T Managed Vulnerability Program (MVP), launched in late 2020, allows organizations to assess their network without hiring IT professionals. Both services are designed to simplify vulnerability management and improve clients’ security posture.
Loyal clients who have trusted these services for years will be pleased to learn of the new features that have been added in June 2022. These include:
Improvements to business groups
Enhancements to reporting
Credentials validation
These new features allow IT administrators to perform scans remotely, receive real-time reports on system vulnerabilities detected, and report them to third-party vendors for further action.
Improvements to business groups
The first significant upgrade in this release was the enhancement of business groups for data segmentation. This improves an organization’s ability to restrict asset visibility by group membership. Previously, data segmentation was done only by IP definition. While functional for limiting access, it lacked flexibility.
Business groups allow organizations to create logical breakouts of asset ownership to follow the principle of least privilege. Business groups can be restricted by office locations or more granular by departmental or team. Additionally, business group members can now be dynamically assigned. Assets within predefined criteria will be added to business groups as they are discovered via scans. With this solution, individual users will only have access to the assets and results that are relevant to their work without being able to see assets and data outside of their permissions. This closes a security gap from insider threats or stolen credentials, decreasing the overall threat landscape.
Enhanced reporting
Reporting is one of the core functionalities of any vulnerability management solution. These recent reporting upgrades have added significant quality of life and streamlining functionality to make reporting even easier for organizations.
Previous incarnations of the solution had reporting as a manual process that users executed on-demand. While this met the needs of most organizations, it was still an additional step that had to be completed. Our latest release has both scheduled and completion-triggered reporting to automate this common task. With scheduled reporting, your organization can set the filters ahead of time and then define a set cadence such as weekly or monthly to generate a report. With completion-triggered reporting, organizations can select a preferred report or reports to be auto-generated when a scan finishes, removing an additional step for users.
In addition to automatic report generation, organizations can now select to have reports emailed to them on completion. This functionality is not enabled by default, and organizations must opt-in specifically to have it available to them. To increase the security of this process, we will also be adding a passwording capability in the next release to ensure that even misaddressed reports are not accessible to those without appropriate access.
Authenticated credential validation
Credential management can be challenging. A simple typo could derail anticipated scan results and delay the identification or validation of vulnerabilities.
With our new credential testing feature, a user can immediately test whether the credentials entered into the system are valid or not. This feature is built right into the process of adding new authentication credentials for scanning. In addition to identifying the use of a set of credentials globally for the account, users can now check the validity of the credentials before utilizing them in an authenticated scan. One more way to improve time to accurate results.
Gaining the advantage
AT&T has two solutions to allow you to take advantage of these new features, AT&T Vulnerability Scanning Service and AT&T Managed Vulnerability Program. VSS enables organizations to rapidly evaluate their infrastructure and generate actionable reports to meet security and compliance needs. MVP is a full-service solution that includes vulnerability management, asset discovery, threat hunting, and malware detection to create a comprehensive security solution.
Contact us today to learn more about how VSS and MVP can help your organization protect itself from vulnerabilities without the hassle and overhead.
New Study Reveals Serious Cyber Insurance Shortfalls
Top 5 security risks of Open RAN
Read Time:48 Second
When a cell phone or other mobile device connects to the nearest cell tower, the communication takes place over something called a RAN — a radio access network. From the cell tower, the signal is then routed to a fiber or wireless backhaul connection to the core network. RANs
RANs are proprietary to each equipment manufacturer. Open RAN, on the other hand, allows for interoperability that allows service providers to use non-proprietary subcomponents from a choice of vendors. That adds complexity to the network and changes the risk landscape for wireless communications.
What is RAN and Open RAN?
With 4G, the RAN signal was based for the first time on the Internet Protocol (IP). Previously, it used circuit-based networks, where phone calls and text messages traveled on dedicated circuits. RAN has also evolved to support video and audio streaming, and more types of devices, including vehicles and drones.
3 ways China’s access to TikTok data is a security risk
Read Time:34 Second
The short-video platform TikTok has come under fire in recent months. Both lawmakers and citizens in the U.S. have questioned its data collection practices and potential ties to the Chinese state. The concerns have deepened after Buzzfeed published a report saying that data of some American users had been repeatedly accessed from China.
TikTok’s parent company, Beijing-based ByteDance, denied that it shared information with the Chinese government and announced that it had migrated its U.S. user traffic to servers operated by Oracle. Still, it was not enough to clear the air, and security and privacy experts continued to be worried.
Critical Infrastructure at Risk as Thousands of VNC Instances Exposed
ZDI-22-1067: NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1065: Apple macOS Remote Events Memory Corruption Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability.