Randall Munroe’s XKCD ‘Monocaster’
via the comic & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Monocaster’ appeared first on Security Boulevard.
Authors/Presenters: Zichen Gui, Kenneth G. Paterson, Tianxin Tang
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization’s YouTube channel.
The post USENIX Security ’23 – Security Analysis of MongoDB Queryable Encryption appeared first on Security Boulevard.
Introduction
Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management of devices within an organization. On September 12th, 2024, ZDI and Ivanti released an advisory describing a deserialization vulnerability resulting in remote code execution with a CVSS score of 9.8. In this post we detail the internal workings of this vulnerability. Our POC can be found here. We would like to credit @SinSinology with the discovery of this vulnerability.
AgentPortal
The ZDI advisory told us exactly where to look for the vulnerability: a service named AgentPortal. A quick search shows us that we can find the file at C:\Program Files\LanDesk\ManagementSuite\AgentPortal.exe. Upon further investigation, we find that it is a .NET binary. After loading AgentPortal.exe into JetBrains dotPeek for decompilation, we find that it’s not a very complicated program. Its main responsibility is creating a .NET Remoting service for the IAgentPortal interface.
IAgentPortal Interface
The IAgentPortal interface is pretty simple: it consists of functions to create Requests and other functions to get the results and check the status of those requests. Digging into what kind of requests we can make, we find the ActionEnum enum. We are immediately drawn to the RunProgram option. The handler […]
The post CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability appeared first on Horizon3.ai.
The post CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability appeared first on Security Boulevard.
Artificial intelligence (AI) is no longer just a buzzword in the cybersecurity industry—it’s an essential tool for staying ahead of threats. But how are leading organizations leveraging AI in cybersecurity effectively, and what challenges do they face? During a recent Nuspire webinar, experts J.R. Cunningham, Michael Wilson and Marcy Elder uncover how AI is transforming cybersecurity operations and what the ...
The post AI in Cybersecurity: Experts Discuss Opportunities, Misconceptions and the Path Forward appeared first on Nuspire.
The post AI in Cybersecurity: Experts Discuss Opportunities, Misconceptions and the Path Forward appeared first on Security Boulevard.
Are you confident your vulnerability management is doing its job, or do you sometimes feel like it’s falling short? Many companies invest time and resources into managing vulnerabilities, yet still...
The post Top 5 Vulnerability Management Mistakes Companies Make (Plus a Bonus Mistake to Avoid) appeared first on Strobes Security.
The post Top 5 Vulnerability Management Mistakes Companies Make (Plus a Bonus Mistake to Avoid) appeared first on Security Boulevard.
By Joe Doyle
If you’ve encountered cryptography software, you’ve probably heard the advice to never use a nonce twice—in fact, that’s where the word nonce (number used once) comes from. Depending on the cryptography involved, a reused nonce can reveal encrypted messages, or even leak your secret key! But common knowledge may not cover every […]
The post Friends don’t let friends reuse nonces appeared first on Security Boulevard.
The post Cybersecurity Insights with Contrast CISO David Lindner | 09/13/24 appeared first on Security Boulevard.
As startup founders, it’s easy to get enamored with our ideas. We pour our passion and energy into crafting what we believe to be the...
The post Don’t Fall in Love with Your Ideas, Let Your Customers Shape Them appeared first on ISHIR | Software Development India.
The post Don’t Fall in Love with Your Ideas, Let Your Customers Shape Them appeared first on Security Boulevard.
Realm.Security has launched a platform for collecting and normalizing cybersecurity telemetry data that promises to streamline analytics.
The post Realm.Security Emerges to Tackle Cybersecurity Data Management appeared first on Security Boulevard.
Yesterday, as I was preparing this article, I had the opportunity to present at a TuxCare webinar, where we introduced live patching. Throughout the presentation, we discussed various characteristics of this patching methodology. While reflecting on these aspects, I realized that one particular point deserves more attention — the role of live patching as a […]
The post Live Patching as a Growth Enabler for Your Infrastructure appeared first on TuxCare.
The post Live Patching as a Growth Enabler for Your Infrastructure appeared first on Security Boulevard.
Automated certificate lifecycle management (CLM) simplifies the complex process of managing SSL/TLS certificates, enhancing efficiency and security for businesses. As digital certificates become harder to deploy and renew manually, Sectigo's CLM maturity model provides a framework to guide organizations at different stages of automation. It helps businesses efficiently manage their certificate needs, ensuring smoother operations and stronger security. Automation is key, but the right strategy depends on the specific needs of each business.
The post Sectigo’s CLM maturity model for digital certificate management appeared first on Security Boulevard.
Most password protection methods use some form of encryption, but is there a clear choice between software and hardware encryption when it comes to protecting your personal or business files from theft, loss, or hacking?
The post How Secure is the “Password Protection” on Your Files and Drives? appeared first on Security Boulevard.
A Google Sheets exploit has recently been discovered by cybersecurity experts Proofpoint. As per the initial information, the platform is being leveraged as a command-and-control (C2) mechanism. In this article, we’ll look at what the Google Sheets exploit is about, which sectors are being targeted, and more. Let’s begin!
Google Sheets Exploit: Initial Discovery
The […]
The post Espionage Alert: Google Sheets Exploit For Malware Control appeared first on TuxCare.
The post Espionage Alert: Google Sheets Exploit For Malware Control appeared first on Security Boulevard.
In today's digital age, cybersecurity compliance is no longer just a legal necessity or a defensive measure; it has become a catalyst for innovation and growth.
The post Cybersecurity Compliance and Beyond: How Protocols Drive Innovation and Growth appeared first on Security Boulevard.
We're told over and over again that there are hundreds of thousands of cybersecurity vacancies in the U.S. and millions worldwide. But from what I hear, many new entrants to the application security field find it difficult to land jobs. Why?
The post Why Breaking into Cybersecurity Isn’t as Easy as You Think appeared first on Security Boulevard.
Explore our application security complete guide and find key trends, testing methods, best practices, and tools to safeguard your software.
The post Application Security — The Complete Guide appeared first on Security Boulevard.
Infrastructure robustness is critical for ensuring the resilience and reliability of your systems. This comprehensive guide explores key metrics used to assess and improve infrastructure robustness.
The post Comprehensive Guide to Infrastructure Robustness Metrics appeared first on Security Boulevard.
In the energy and utility sector, safeguarding data and ensuring compliance with regulatory standards is paramount. With the increasing digitalization of operations, from smart grids to IoT-enabled devices, the need for robust encryption methods to protect sensitive information has never been greater. Imperva stands out as the only SaaS vendor supporting a comprehensive range of […]
The post Enhancing Security and Compliance in the Energy Sector: Imperva’s Cipher Suite Support appeared first on Blog.
The post Enhancing Security and Compliance in the Energy Sector: Imperva’s Cipher Suite Support appeared first on Security Boulevard.
Jerry Dawkins, PhD
In the world of cybersecurity, the recent incident involving Snowflake has sparked a significant discussion around the shared responsibility between vendors and customers. The attacks, which targeted over 100 Snowflake customers, have highlighted vulnerabilities that arise not from the platform itself, but from how customers manage their security environments.
A Bold Stance: […]
The post Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident appeared first on CISO Global.
The post Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident appeared first on Security Boulevard.
Authors/Presenters: Elias Heftrig, Haya Shulman, Michael Waidner
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization’s YouTube channel.
The post USENIX Security ’23 – Downgrading DNSSEC: How to Exploit Crypto Agility for Hijacking Signed Zones appeared first on Security Boulevard.