Aggregator
The Newly Established U.S. Agency for Total Control of Social Networks
Hunters
Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources
Learn how data security posture management (DSPM) and AI security posture management (AI-SPM) can help you address key cloud security challenges.
The cloud has become the lifeblood of modern businesses. Its flexibility, scalability and ever-expanding range of storage technologies have fueled a data explosion. From object storage for massive media archives to NoSQL databases for real-time analytics, organizations are embracing a diverse cloud data landscape.
Artificial intelligence (AI) is another key driver behind the ever-increasing volume and variety of data stored in the cloud. As AI applications become more sophisticated, they require more data to learn and function effectively.
Together, this creates a virtuous cycle — the more data stored and used, the greater the range of AI use cases, which attract even more users. But with each new user, data type and storage solution, the cloud attack surface expands.
Traditional, perimeter-based security struggles in the dynamic world of cloud storage. Data in the cloud is constantly on the move, residing in various locations and formats. Further, with the rapid improvements in AI technology, many organizations are now using and/or creating new proprietary AI models based on their data to deliver novel insights and innovations.
How DSPM and AI-SPM can improve cloud security
The cloud’s unique challenges and opportunities for data and AI make it crucial for organizations to address the full spectrum of security responsibilities that accompany collecting, storing and using data. These responsibilities include automatically and continuously scanning data assets, discovering and monitoring sensitive data and alerting on any potential risk. To address these challenges, new solutions such as data security posture management (DSPM) and AI security posture management (AI-SPM) are becoming integral to many organizations.
Most cloud security solutions offer numerous valuable tools, but lack the proper data analysis needed to help practitioners prioritize the organization’s most sensitive assets. Though such cloud security solutions may excel at securing the cloud environment itself, they fail to address the data and AI resources residing within. Conversely, though standalone DSPM and AI-SPM services act as powerful spotlights to illuminate data and AI resources, if they’re not combined with broader cloud security measures, they can't prevent unauthorized access or breaches that exploit vulnerabilities in the cloud infrastructure.
In order to gain robust protection for your organization, you need DSPM and AI-SPM to pinpoint your valuable data and AI resources and cloud security solutions to build a secure vault around them.
Tenable Cloud Security now offers DSPM and AI-SPM capabilities
To help organizations address their data and AI security needs, Tenable Cloud Security now has fully integrated DSPM and AI-SPM capabilities.
Source: Tenable, October 2024
Tenable Cloud Security’s integrated DSPM and AI-SPM features offer significant advantages over standalone products. Users are empowered with deep data discovery and classification, ensuring sensitive information is identified and prioritized for protection. This intrinsic visibility allows for focused security measures and simplifies compliance efforts. We’ve also further enhanced Tenable’s best-in-class cloud infrastructure entitlement management (CIEM) capabilities to enforce AI entitlement management, enabling organizations to ensure only users with the correct access policies can access proprietary AI models.
The DSPM and AI-SPM features integrated into Tenable Cloud Security, a cloud native application protection platform (CNAPP), make it a force multiplier for securing your organization.
The future of cloud security lies in a unified approach that addresses the full spectrum of threats. CNAPPs are evolving to become the central nervous system of cloud security, offering a single pane of glass for managing vulnerabilities, workload protection and access control. The integration of DSPM and AI-SPM capabilities into Tenable Cloud Security represents a significant step toward this vision. As CNAPP platforms evolve, we can expect a future where cloud security becomes as seamless and scalable as the cloud itself.
Learn more about DSPM and AI-SPM
A Good Product Resonates with Its Era and with Life | 2024 Geek Favorites of the Year Kicks Off
Recording the Ever-Thriving Power of Innovation | 2024 "InnoForce 50" Kicks Off
Ransomware and Cyber Extortion in Q3 2024
0xGame week1 re&pwn&web
Windows Kernel-Mode Driver Local Privilege Escalation Vulnerability (CVE-2024-35250)
Congress Seeks Urgent Action After Chinese Telecom Hack
Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.
Revenue Cycle Vendor Notifying 400,000 Patients of Hack
A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.
Oil and Gas Firms Aware of Cyber Risks
The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks, including a 2021 incident at Colonial Pipeline.
Most EU Nations to Miss Upcoming NIS2 Deadline
Most European countries are set to miss a trading bloc deadline for implementing a key cybersecurity regulation that requires measures such as mandatory security auditing for essential services such as hospitals and banks. Just six countries have integrated the NIS2 directive into national law.
Biden-Harris Administration Announces Preliminary Terms with Wolfspeed to Solidify U.S. Technological Leadership in Silicon Carbide Manufacturing
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Today, CISA published the Framing Software Component Transparency, created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to advance and refine SBOM and ultimately promote adoption. This resource serves as the detailed foundation of SBOM, defining SBOM concepts and related terms and offering an updated baseline of how software components are to be represented. This document serves as a guide on the processes around SBOM creation.
For more information on all things SBOM, please visit CISA’s Software Bill of Materials website.
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-24-289-01 Siemens Siveillance Video Camera
- ICSA-24-289-02 Schneider Electric Data Center Expert
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2024-30088 Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
- CVE-2024-9680 Mozilla Firefox Use-After-Free Vulnerability
- CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.