A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape.
Monthly Archives: October 2024
USN-7054-1: unzip vulnerability
It was discovered that unzip did not properly handle unicode strings under
certain circumstances. If a user were tricked into opening a specially
crafted zip file, an attacker could possibly use this issue to cause unzip
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
mosquitto-2.0.19-1.fc40
FEDORA-2024-e36b567b66
Packages in this update:
mosquitto-2.0.19-1.fc40
Update description:
Update to 2.0.19
mosquitto-2.0.19-1.fc39
FEDORA-2024-f71b7dad10
Packages in this update:
mosquitto-2.0.19-1.fc39
Update description:
Update to 2.0.19
mosquitto-2.0.19-1.fc41
FEDORA-2024-0078a55acf
Packages in this update:
mosquitto-2.0.19-1.fc41
Update description:
Update to 2.0.19
Fix FTBFS (closes rhbz#2300978)
Weird Zimbra Vulnerability
Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit.
In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The researcher provided the following details:
– While the exploitation attempts we have observed were indiscriminate in targeting, we haven’t seen a large volume of exploitation attempts
– Based on what we have researched and observed, exploitation of this vulnerability is very easy, but we do not have any information about how reliable the exploitation is
– Exploitation has remained about the same since we first spotted it on Sept. 28th
– There is a PoC available, and the exploit attempts appear opportunistic
– Exploitation is geographically diverse and appears indiscriminate
– The fact that the attacker is using the same server to send the exploit emails and host second-stage payloads indicates the actor does not have a distributed set of infrastructure to send exploit emails and handle infections after successful exploitation. We would expect the email server and payload servers to be different entities in a more mature operation.
Defenders protecting Zimbra appliances should look out for odd CC or To addresses that look malformed or contain suspicious strings, as well as logs from the Zimbra server indicating outbound connections to remote IP addresses.
USN-7021-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– BTRFS file system;
– F2FS file system;
– GFS2 file system;
– BPF subsystem;
– Netfilter;
– RxRPC session sockets;
– Integrity Measurement Architecture (IMA) framework;
(CVE-2024-41009, CVE-2024-26677, CVE-2024-42160, CVE-2024-39494,
CVE-2024-39496, CVE-2024-38570, CVE-2024-27012, CVE-2024-42228)
Northern Ireland Police Data Leak Sees Service Fined by ICO
The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk
LevelBlue: Driving Cyber Resilience in October (and Beyond)
As we navigate the rapidly evolving technology landscape in 2024, Cybersecurity Awareness Month, now in its 21st year, highlights the increasing importance of protecting against the evolving threat environment across all areas of a business. This initiative motivates both individuals and entire organizations to adopt essential practices that enhance online safety.
Every October, Cybersecurity Awareness Month focuses on driving a collaborative effort in fostering cyber education, and like in 2023, it promotes the theme – “Secure Our World.”
As a Cybersecurity Awareness Month Champion, LevelBlue continues to show its dedication to this mission, while promoting the importance of cyber resilience amid growing opportunities for innovation that might also increase cyber risk. This means simplifying security, aiming to provide always-on services that make governance, planning, resource allocation, and innovation easier than ever without sacrificing cyber protection.
Aligning on Cyber Resilience Goals Among the C-suite
As cybersecurity threats evolve, one of the biggest challenges facing organizations is the misalignment among C-suite leaders – which weakens overall cyber resilience.
The 2024 LevelBlue Executive Accelerator analyzes the dynamics among C-suite executives to better understand issues that prevent risk reduction, stall or complicate compliance, and create barriers to cyber resilience. According to its findings, 73% of CISOs expressed concern over cybersecurity becoming unwieldy, requiring risk-laden tradeoffs, compared to only 58% of both CIOs and CTOs. This indicates a heightened concern among CISOs about balancing immediate security measures with the practicalities of implementing new technologies and managing resources. That need for tradeoffs suggests that CISOs are struggling to maintain a balance between advancing technological capabilities and ensuring robust cybersecurity measures, potentially leaving organizations exposed to increased risk.
This Cybersecurity Awareness Month, organizations must focus on improved alignment within the C-suite to provide clearer guidance on cybersecurity priorities by fostering a unified approach to risk management and operational resilience. When CIOs, CTOs, and CISOs collaborate closely, they can prioritize investments in cybersecurity technologies that mitigate risks effectively while supporting business objectives. This alignment reduces ambiguity and ensures that resources are allocated strategically, alleviating some of the pressure on CISOs to make unilateral decisions.
Achieving Cyber Resilience with Five Specific Steps
To effectively achieve cyber resilience, LevelBlue promotes five crucial steps that the C-suite and organizations as a whole should take – not only during Cybersecurity Awareness Month, but beyond:
Identify the barriers – This allows organizations to understand unique vulnerabilities and weaknesses in their current systems.
Adopt a “secure by design” approach – Organizations must ensure that security measures are integrated into every phase of product and system development, rather than being an afterthought.
Align cyber investments with business objectives – Resources must be allocated in ways that bolster overall organizational goals while enhancing security posture.
Build a support ecosystem that fosters collaboration and knowledge sharing among stakeholders – This creates a more robust defense against cyber threats.
Transform cybersecurity strategies to be agile and adaptive – This enables organizations to respond to evolving threats effectively, no matter how advanced an attack may become.
During Cybersecurity Awareness Month – and every month following – implementing these steps allows organizations to enhance their resilience against cyber incidents, ensuring not just protection but also the ability to thrive in an increasingly complex digital landscape. This proactive approach, together with C-suite alignment, not only mitigates risks but also positions businesses to capitalize on opportunities in a secure manner, ultimately fostering trust among customers and stakeholders alike.
For more information about Cybersecurity Awareness Month and to engage in its various activities throughout the month, visit CISA’s Cybersecurity Awareness Month web page and Stay Safe Online Cybersecurity Awareness Month website.