Leveraging CRQ to Comply With DORA Regulations | Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post Leveraging CRQ to Comply With DORA Regulations | Kovrr appeared first on Security Boulevard.
As AI adoption grows, so does organizations’ appetite for the vast data from disparate sources needed to train AI models. Because of this, companies are grappling with how to safeguard a surging amount of fragmented data wherever it lives.
The post DSPM: A Cybersecurity Approach Tailor-Made for This AI Era appeared first on Security Boulevard.
LLMs are different from other tools and different approaches are required to mitigate their risks involving new security technologies.
The post Strategies for Mitigating LLM Risks in Cybersecurity appeared first on Security Boulevard.
The Payment Card Industry Data Security Standard (PCI DSS) aims to improve credit, debit and cash card transaction security and protect cardholders from breaches of their personal information.
The post Effective Third-Party Risk Management Under PCI DSS 4.0 appeared first on Security Boulevard.
The cloud has revolutionized how businesses operate, offering unprecedented agility and scalability. However, this rapid adoption has also introduced a new wave of security challenges. A recent Check Point cloud security...
The post How Strobes Uncover Hidden Cloud Risks Within Your Organization? appeared first on Strobes Security.
In episode 341, we cover the unprecedented global IT outage caused by a CrowdStrike update crash, affecting 8.5 million Windows machines. We discuss whether it’s the largest outage in history and explore the intricacies of internet accessibility and responses from key stakeholders like Microsoft. Also, in our Aware Much segment, we explore Japan’s AI system, […]
The post The Great CrowdStrike Crash, AI’s Role in Employee Smiles appeared first on Shared Security Podcast.
Authors/Presenters: Qi Liu, Jieming Yin, Wujie Wen, Chengmo Yang, Shi Sha
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 presenter content, and for the organization’s strong commitment to Open Access. Originating from the conference’s events at the Anaheim Marriott, and via the organization’s YouTube channel.
The post USENIX Security ’23 – NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural Networks appeared first on Security Boulevard.
Proofpoint Email Fraud Defense is a familiar name ...
The post Top 10 Proofpoint Alternatives and Competitors in 2024 appeared first on EasyDMARC.
PowerDMARC is a well-known DMARC solution, but it ...
The post Top 10 PowerDMARC Alternatives and Competitors in 2024 appeared first on EasyDMARC.
Mimecast DMARC Analyzer is a popular DMARC solution, ...
The post Top 10 Mimecast DMARC Analyzer Alternatives and Competitors in 2024 appeared first on EasyDMARC.
OnDMARC is a well-known DMARC provider, but there ...
The post Top 10 Red Sift OnDMARC Alternatives & Competitors in 2024 appeared first on EasyDMARC.
Authors/Presenters: Deevashwer Rathee, Anwesh Bhattacharya, Divya Gupta, Rahul Sharma, Dawn Song
The post USENIX Security ’23 – Secure Floating-Point Training appeared first on Security Boulevard.
When Tennisha Martin, a veteran software quality assurance analyst, sought to move over to a security team a few years ago, the doors should have been wide open, given the much-ballyhooed cybersecurity skills shortage.
Related: Modernizing security training
Instead, … (more…)
The post Black Hat Fireside Chat: ‘Black Girls Hack’ emphasizes diversity as effective force multiplier first appeared on The Last Watchdog.
CMMC is a familiar framework to any contractor working as part of the defense industrial base and handling any form of controlled unclassified information. Whether it’s compliance in general, a specific clause relating to DFARS 252.204-7012 in your contract, or impetus from another source, you’re going to need to implement security standards from NIST SP […]
The post CMMC Compliance: Customer and Shared Responsibility Matrix appeared first on Security Boulevard.
Discover the power of External Secrets Manager with Akeyless. Simplify secrets management across multiple platforms and clouds, centralize control, enhance visibility, and ensure compliance.
The post Akeyless Universal Secrets Connector: A Secrets Manager of Managers appeared first on Akeyless.
Secrets are ranked as the leading cause of data breaches. Combat this by learning how to best use static, rotated, and dynamic secrets.
The post What’s in a Secret? Best Practices for Static, Rotated and Dynamic Secrets appeared first on Akeyless.
Authors/Presenters: Luca Di Bartolomeo, Hossein Moghaddas, Mathias Payer
The post USENIX Security ’23 – ARMore: Pushing Love Back Into Binaries appeared first on Security Boulevard.
Axio’s CRQ Included in Gartner’s 2024 Hype Cycle for Cyber-Risk Management Historically, Gartner’s Hype Cycle for Cyber Risk 2024 focused more on benchmarking and probability, but it has now increased
The post Gartner’s 2024 Hype Cycle for Cyber-Risk Management Focuses More on Impact appeared first on Axio.
When we introduced Azure Attack Paths into BloodHound, they were added as a completely separate sub-graph. At no point did Active Directory (AD) and Azure connect within a BloodHound dataset. Ever since adding Azure (honestly, even before that), we’ve wanted to solve that problem. We’re so very excited to introduce the first version of what we’ve taken to calling a “hybrid path” into BloodHound!
Microsoft Entra Cloud Sync and Microsoft Entra Connect Sync allow administrators to synchronize users from on-premises AD domains up to Entra ID tenants. Additionally, administrators can choose to enable a feature called “Password Hash Synchronization”, which replicates the password hash of the on-premises user up to its Entra ID counterpart. This allows users to authenticate to Entra/Azure resources using their on-premises AD User Principal Name (UPN) and password, so whoever controls the on-premises user’s password can sign in as the synced Entra ID user (subject to whatever Conditional Access and MFA policies apply). This creates Attack Paths from on-premises AD to Entra ID.
As of BloodHound v5.13.0, when data is collected from an Entra ID tenant as well as an AD domain with users synced between them, BloodHound will automatically generate Hybrid Attack Paths in the graph. Conveniently named “SyncedToADUser” and “SyncedToEntraUser”, these edges indicate where two users are synchronized, which may mean control of one grants control of the other. These edges are generated utilizing the “onpremsyncenabled” and the “onpremid” properties that result from an AzureHound collection. If an Entra ID user object is described as being synced (indicated by a “True” value in the “onpremsyncenabled” field), an edge will be added between the Entra ID user and the AD user identified in the “onpremid” field.
In the screenshots below, the JD Entra ID user has sync enabled, and the on-prem ID shown on it matches the Object ID of the JD AD user.
[Figure: The Azure User Entity Panel showing the On Prem ID]
[Figure: The AD User Entity Panel showing the matching Object ID]
To support these changes, we’ve included several additional pre-built queries in BloodHound for potentially interesting paths in hybrid environments. After clicking the “Open” folder on the Cypher tab, these queries are available under the Azure section:
[Figure: Cross Platform Attack Paths in Pre-Built Queries]
Here’s a set of results from our example dataset for the pre-built query named “On-premises Users synced to Entra Users with Entra Admin Roles”:
Pathfinding also supports Hybrid Paths, which can uncover the configurations that allow an attacker to cross from on-prem AD to Azure or vice versa. Here, we show a path starting from anyone in the on-premises domain to Global Administrators in Entra via ADCS and synced user accounts:
[Figure: Domain Users (AD) to Global Administrators (Azure)]
We are very excited to introduce these new edges into the product for testing and validation of hybrid environments. We are already hard at work to research and introduce additional hybrid paths, including computer object synchronization. Additionally, we are developing a capability within BloodHound Enterprise that will enable us to empirically measure the risk to our customers’ critical Tier Zero assets across these hybrid paths. We look forward to sharing more with everyone soon!
BloodHound Enterprise Attack Paths View Improvements
To kick off the start of the many UI improvements we have planned this year, we released an updated attack paths page for BloodHound Enterprise customers with increased readability and enhanced granularity:
[Figure: New Attack Paths View in BloodHound Enterprise]
First, we re-oriented the attack graph to a more familiar left-to-right view versus top to bottom:
This layout now clearly identifies the Tier Zero / critical asset group and states the current exposure for the domain or tenant.
[Figure: A domain with 99% exposure highlighting an Active Directory Certificate Services Attack Path]
We are also introducing a new attribute in this view called “Exposed Principals”. BloodHound Enterprise has always calculated this value but has previously only represented it as a percentage; now this is directly stated as a numeric value in the Attack Path view for additional clarity:
Today in BloodHound Enterprise, Attack Paths are given a severity rating based on their exposure percentage to Tier Zero:
Now we can not only report the percentage of identities and resources that have an Attack Path, but also include the raw count. This is helpful in large domains where the exposure percentage could be low (30%, for example) but the count still makes the point: “This Attack Path exposes Tier Zero to 35,364 principals”.
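As an added example (not BloodHound or SpecterOps code), the toy model below reproduces two rules this post describes: the hybrid-edge rule from the section above (an Entra ID user whose AzureHound “onpremsyncenabled” property is True gets SyncedToADUser / SyncedToEntraUser edges to the AD user whose object ID equals its “onpremid”), and the “Exposed Principals” count and percentage introduced here (principals with any path into Tier Zero). All user names, object IDs, the ADCSESC1 and AZHasRole edges, and the single-node Tier Zero set are constructed sample data; real BloodHound uses a Neo4j/PostgreSQL graph and many more edge kinds.

```python
"""Toy reconstruction of BloodHound hybrid edges and Exposed Principals.

Added example, not BloodHound code. Every name and ID below is constructed.
"""
from collections import deque

# Constructed sample collection (not real SharpHound/AzureHound output).
AD_USERS = [
    {"name": "JD@CORP.LOCAL",    "objectid": "S-1-5-21-1-1-1-1105"},
    {"name": "ALICE@CORP.LOCAL", "objectid": "S-1-5-21-1-1-1-1106"},
]
ENTRA_USERS = [
    # onpremsyncenabled / onpremid are the property names the post cites.
    {"name": "JD@CORP.ONMICROSOFT.COM",  "onpremsyncenabled": True,
     "onpremid": "S-1-5-21-1-1-1-1105"},
    {"name": "BOB@CORP.ONMICROSOFT.COM", "onpremsyncenabled": False,
     "onpremid": None},
]
# Constructed non-hybrid edges as (source, kind, target). ADCSESC1 stands in
# for the ADCS step in the post's Domain Users -> Global Administrators path.
BASE_EDGES = [
    ("JD@CORP.LOCAL", "MemberOf", "DOMAIN USERS@CORP.LOCAL"),
    ("ALICE@CORP.LOCAL", "MemberOf", "DOMAIN USERS@CORP.LOCAL"),
    ("DOMAIN USERS@CORP.LOCAL", "ADCSESC1", "JD@CORP.LOCAL"),
    ("JD@CORP.ONMICROSOFT.COM", "AZHasRole", "GLOBAL ADMINISTRATOR@TENANT"),
]
NODES = ([u["name"] for u in AD_USERS] + [u["name"] for u in ENTRA_USERS]
         + ["DOMAIN USERS@CORP.LOCAL", "GLOBAL ADMINISTRATOR@TENANT"])
TIER_ZERO = {"GLOBAL ADMINISTRATOR@TENANT"}  # simplified Tier Zero (assumption)


def hybrid_edges(ad_users, entra_users):
    """Post's rule: a synced Entra user links to the AD user with matching object ID."""
    by_objectid = {u["objectid"]: u["name"] for u in ad_users}
    edges = []
    for eu in entra_users:
        if not eu.get("onpremsyncenabled"):
            continue
        ad_name = by_objectid.get(eu.get("onpremid"))
        if ad_name is None:
            continue  # sync flag set, but the AD object was not in the collection
        edges.append((eu["name"], "SyncedToADUser", ad_name))
        edges.append((ad_name, "SyncedToEntraUser", eu["name"]))
    return edges


def build_graph(edges, nodes):
    """Adjacency list: node -> [(edge_kind, target), ...]; isolated nodes kept."""
    adj = {n: [] for n in nodes}
    for src, kind, dst in edges:
        adj.setdefault(src, []).append((kind, dst))
        adj.setdefault(dst, [])
    return adj


def shortest_path(adj, start, targets):
    """BFS pathfinding; returns [(node, edge_kind, node), ...] or None."""
    prev = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        if node in targets:
            path = []
            while prev[node] is not None:
                parent, kind = prev[node]
                path.append((parent, kind, node))
                node = parent
            return list(reversed(path))
        for kind, nxt in adj.get(node, []):
            if nxt not in prev:
                prev[nxt] = (node, kind)
                queue.append(nxt)
    return None


def exposed_principals(adj, tier_zero):
    """(count, percent) of non-Tier-Zero nodes with any path into Tier Zero."""
    reverse = {}
    for src, outs in adj.items():
        for _, dst in outs:
            reverse.setdefault(dst, []).append(src)
    seen, queue = set(tier_zero), deque(tier_zero)
    while queue:  # walk edges backwards from Tier Zero
        node = queue.popleft()
        for parent in reverse.get(node, []):
            if parent not in seen:
                seen.add(parent)
                queue.append(parent)
    exposed = seen - set(tier_zero)
    total = len(adj) - len(tier_zero)
    percent = round(100 * len(exposed) / total, 1) if total else 0.0
    return len(exposed), percent


if __name__ == "__main__":
    graph = build_graph(BASE_EDGES + hybrid_edges(AD_USERS, ENTRA_USERS), NODES)
    for hop in shortest_path(graph, "DOMAIN USERS@CORP.LOCAL", TIER_ZERO):
        print("%s -[%s]-> %s" % hop)
    count, pct = exposed_principals(graph, TIER_ZERO)
    print("Exposed Principals: %d (%.1f%%)" % (count, pct))
```

In the sample data the path crosses from AD to Entra ID exactly where the post says it does: the ADCSESC1 edge grants Domain Users the AD user JD, the SyncedToEntraUser edge carries that control to JD’s Entra ID account, and AZHasRole lands on Global Administrator. BOB has no sync flag, so no hybrid edge is created for him and he is the one principal that is not exposed (4 of 5, 80%).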
This number is included in both the Attack Path detail and the graph:
Next, we’ve included the count of findings within the header for every Attack Path:
This allows our users to understand the level of effort to help them better prioritize where to start. In this case, we have two Attack Path choke points that can be completely remediated with less effort.
The Attack Path choke points have also been given more viewable space (50% versus 30%) to make it easier to read the details, and we’ve added a button to export the results to CSV:
You’ll also notice that new helpful columns have been added to the findings details based on the type of Attack Path. For example, we’ve included the age of the password in the “Kerberoastable Users” findings as an indication of which passwords may be easier to crack:
Introducing Dark Mode for BloodHound
Dark mode is now in early access for both BloodHound Community Edition and BloodHound Enterprise:
[Figure: ADCS Attack Paths in sweet, sweet darkness]
[Figure: Hybrid Attack Paths at]
Dark mode can be enabled / disabled through the settings cog on the upper right-hand side of the product (after enabling it in Early Access):
For our Enterprise customers, this new theme applies to all portions of the product:
[Figure: Dark mode in Attack Paths view in BloodHound Enterprise]
[Figure: Dark mode in detailed remediation in BloodHound Enterprise]
[Figure: Domain security posture over time in dark mode in BloodHound Enterprise]
We also standardized our light theme across the product to be more consistent and set up the introduction of other themes in the future. Try it now to remove some of that eye strain and let us know your thoughts!
Going to BlackHat next week? Check out all the updates in person at our booth (#2600) or come hang out with us and a ton of other amazing industry folks at our bowling party on Wednesday evening: https://events.humanitix.com/specterops-black-hat-happy-hour-at-brooklyn-bowl
Hybrid Attack Paths, New Views and your favorite dog learns an old trick was originally published in Posts By SpecterOps Team Members on Medium, where people are continuing the conversation by highlighting and responding to this story.
via the comic & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Chili Tornado Quake’ appeared first on Security Boulevard.