Bitdefender found that 77% of Black Friday-themed spam emails in 2024 have been identified as scams, with attackers becoming more creative in their campaigns
Daily Archives: November 22, 2024
Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024
Corvus Insurance highlighted the growing complexity and competition within the ransomware ecosystem, with the threat level remaining elevated
MITRE Unveils Top 25 Most Critical Software Flaws
The 25 most dangerous software weaknesses between June 2023 and June 2024 are responsible for almost 32,000 vulnerabilities
Manufacturing Sector in the Crosshairs of Advanced Email Attacks
Phishing attacks, business email compromise and vendor email compromise attacks on manufacturing have surged in the past 12 months
wireshark-4.2.9-1.fc40
FEDORA-2024-0b563ad294
Packages in this update:
wireshark-4.2.9-1.fc40
Update description:
New version 4.2.9
wireshark-4.4.2-1.fc41
FEDORA-2024-f9f740bc60
Packages in this update:
wireshark-4.4.2-1.fc41
Update description:
New version 4.4.2
DSPM vs CSPM: Key Differences and Their Roles in Data Protection
It’s becoming increasingly challenging to secure sensitive data. Cybercriminals are becoming more sophisticated, IT infrastructure is becoming more complex, and attack surfaces are increasing. With so much data now stored off-premises, organizations must protect not only their sensitive information but also the platforms that house it.
This is where data security posture management (DPSM) and cloud security posture management (CPSM) come in. Both technologies play critical roles in cloud data security and can be easily confused at first glance. So, let’s explore their key differences and their role in data protection.
Understanding DPSM
As the name suggests, DPSM is a data security tool. It is based on the idea that securing an organization’s sensitive information requires a deep understanding of the data itself. As such, DPSM solutions discover and classify sensitive data in cloud repositories, identifying vulnerabilities and potential risks associated with that data.
DPSM tools work in four phases. First, they discover an organization’s data across all its off-premises (cloud) platforms and classify it by its sensitivity to provide a comprehensive, contextualized data inventory. They then monitor cloud environments in real-time to identify any vulnerabilities or misconfigurations that could present a risk to data—the more sensitive the information, the higher the priority for remediation. By protecting data in this way, DPSM helps organizations maintain compliance with relevant regulations such as GDPR, HIPAA, and PCI DSS.
Understanding CPSM
Again, as the name suggests, CPSM is a cloud security tool. Rather than focusing on the data stored in cloud environments – as DPSM does – it focuses on securing the cloud infrastructure itself, continuously monitoring for misconfigurations, compliance issues, and security threats to help entities manage data access and data risk.
These solutions scan for misconfigurations – including vulnerabilities in cloud settings, permissions, and access controls – monitor for compliance with regulatory requirements and industry standards like CIS, NIST, CCPA, and GDPR, and ultimately help organizations remediate any issues before they turn into genuine security incidents.
Key Differences Between DPSM and CPSM
Although both DSPM and CSPM play vital roles in cloud security, their focus areas, tools and techniques, and use cases differ as follows:
Focus Area: DSPM is primarily data-centric, concentrating on protecting sensitive information stored in the cloud. In contrast, CSPM focuses on the broader infrastructure, ensuring the cloud environment is secure.
Tools and Techniques: DSPM uses data classification and encryption techniques, while CSPM employs tools for monitoring, detecting misconfigurations, and managing security policies.
Use Cases: DSPM is ideal for protecting data assets and ensuring compliance, especially in heavily regulated industries. CSPM is more suitable for preventing infrastructure-based vulnerabilities and maintaining cloud security hygiene.
These differences highlight that while DSPM ensures that data is properly secured and compliant, CSPM works to keep the underlying cloud infrastructure safe from threats and vulnerabilities.
Real-World Use Cases
To put all this into context, let’s look at a real-world use case for each solution.
DPSM: Most modern healthcare organizations will store at least some patient data in the cloud. DSPM can help ensure that this sensitive data is encrypted, classified correctly, and only accessible to authorized personnel, thereby preventing data breaches.
CPSM: Many larger organizations manage extensive, diverse cloud resources. CPSM is invaluable for detecting misconfigurations, such as open ports or misassigned permissions, that could lead to unauthorized data access or cyberattacks.
The Interplay Between DPSM and CPSM
That said, DPSM and CPSM work best when used in conjunction. Both solutions provide comprehensive cloud security—DSPM protects the data, while CSPM secures the environment in which the data resides.
Enhanced Data Protection: DSPM’s data-centric controls can help identify where sensitive data is stored and who has access to it, which CSPM can then safeguard by ensuring that the cloud environment is configured correctly.
Improved Threat Detection: The combination of DSPM’s data behavior analysis and CSPM’s infrastructure monitoring provides a multi-layered approach to identifying anomalies and potential threats.
Regulatory Compliance: While DSPM directly ensures that data handling meets regulatory requirements, CSPM supports compliance by maintaining a secure and auditable cloud environment.
Why You Need Both DPSM and CPSM
DSPM and CSPM are both critical components of a modern data security strategy, each playing a distinct yet complementary role in protecting cloud environments. While DSPM focuses on securing the data itself, CSPM ensures that the cloud infrastructure is robust and resilient against attacks. Together, they provide a powerful defense mechanism that addresses both data-centric and infrastructure-based threats.
USN-7015-6: Python regressions
USN-7015-5 fixed vulnerabilities in python2.7. The update introduced
several minor regressions. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the Python email module incorrectly parsed email
addresses that contain special characters. A remote attacker could
possibly use this issue to bypass certain protection mechanisms.
(CVE-2023-27043)
It was discovered that Python allowed excessive backtracking while parsing
certain tarfile headers. A remote attacker could possibly use this issue
to cause Python to consume resources, leading to a denial of service.
(CVE-2024-6232)
It was discovered that the Python email module incorrectly quoted newlines
for email headers. A remote attacker could possibly use this issue to
perform header injection. (CVE-2024-6923)
It was discovered that the Python http.cookies module incorrectly handled
parsing cookies that contained backslashes for quoted characters. A remote
attacker could possibly use this issue to cause Python to consume
resources, leading to a denial of service. (CVE-2024-7592)
It was discovered that the Python zipfile module incorrectly handled
certain malformed zip files. A remote attacker could possibly use this
issue to cause Python to stop responding, resulting in a denial of
service. (CVE-2024-8088)