Security Boulevard

Reimagining Risk Scoring: A Breakthrough in Security Risk Management

For years, AppSec and product security teams have been locked in endless debates about the most effective security frameworks and risk scoring methodologies. From CVSS and MITRE ATT&CK to NIST frameworks, these tools promise to quantify and manage security risks—but how truly helpful are they?

The Vulnerability Industrial Complex

‍

The unfortunate reality is that many security frameworks serve vendors more than they serve overworked security teams. These frameworks often become complex tools for justifying new tooling purchases rather than genuinely reducing security risk. It isn't uncommon for enterprises to wrestle with tens of millions of vulnerabilities, creating an overwhelming landscape of potential threats.

Traditional risk scoring has become a simplified veneer attempting to mask the intricate complexities of security risk management. Organizations desperately need a more intelligent, adaptive approach.

Introducing Agentic Risk Scoring

Today, Impart is revolutionizing risk scoring by leveraging large language models (LLMs) to generate custom risk scoring policies tailored to each organization's unique security needs.

How Agentic Risk Scoring Works

Our innovative solution empowers security teams to:

1. Express their risk profile through natural language prompts
2. Select from industry-standard presets like CVSS or MITRE ATT&CK
3. Automatically generate dynamic risk scoring methodologies

The platform intelligently identifies key risk factors, creates custom detection rules, and adapts scoring weights based on the organization's specific requirements.

A Transparent, Flexible Approach

Unlike traditional black-box solutions, Impart's platform provides:

• Comprehensive guardrails ensuring transparency
• Full explainability of risk assessment processes
• Unprecedented control for security teams

Powered by AgentOS, the system can:

• Dynamically enable appropriate out-of-the-box rules
• Generate additional rules for novel detection scenarios
• Allow quick risk profile modifications
• Validate rules through a robust testing framework

‍

Our Vision

We're not just offering another tool—we're providing a paradigm shift in security risk management. By combining advanced AI with deep security expertise, we're giving teams the ability to define their security posture on their own terms.

No more hardcoded risk rules. Just intelligent, adaptive security that works the way you do.

Join Our Beta

We're inviting forward-thinking security teams to experience this smarter, more adaptive approach to risk assessment. If you're ready to transform how you manage security risks, we want you in our beta program.

‍

‍

The post Introducing Agentic Risk Scoring | Impart Security appeared first on Security Boulevard.

Call it unstoppable momentum or call it yet another powerful validation of our breach-readiness approach. We’re riding high into RSA 2025 with triple Gold medals, and one Silver medal from the Globee Cybersecurity Awards. Claiming top honors for Microsegmentation, Healthcare Cybersecurity Solutions, and Pharmaceuticals & Biotech Cybersecurity Solutions, plus a Silver for Operational Technologies (OT) […]

The post ColorTokens’ Gold Rush at Globee Awards appeared first on ColorTokens.

The post ColorTokens’ Gold Rush at Globee Awards appeared first on Security Boulevard.

Alisa Viejo, United States, 25th March 2025, CyberNewsWire

The post Active Roles Wins 2025 Cybersecurity Excellence Award for Hybrid Active Directory Protection appeared first on Security Boulevard.

Author/Presenter: Dean Ford

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – IATC – Blood in the Water: Preparing For the Feeding Frenzy appeared first on Security Boulevard.

Lasso today added an ability to autonomously simulate real-world cyberattacks against large language models (LLMs) to enable organizations to improve the security of artificial intelligence (AI) applications.

The post Lasso Adds Automated Red Teaming Capability to Test LLMs appeared first on Security Boulevard.

Run Security today launched an application security platform that leverages extended Berkeley Packet Filtering (eBPF) to secure application runtime environments.

The post Run Security Leverages eBPF to Strengthen Application Security appeared first on Security Boulevard.

Ramat Gan, Israel, 25th March 2025, CyberNewsWire

The post CYREBRO Recognized in Gartner Emerging Tech Report for Detection and Response Startups appeared first on Security Boulevard.

On Tuesday, March 25, 2025, BlackCloak released a watershed asset in executive and public persona cybersecurity: The Digital Executive Protection (DEP) Framework & Assessment Methodology - a comprehensive standard designed to address the deeply human side of cybersecurity risk.

The post The Illusion of Safety: BlackCloak’s DEP Security Framework Exposes the Devil’s Greatest Trick appeared first on Security Boulevard.

SDN offers a flexible, intelligent solution to address these challenges, empowering platforms to optimize performance, allocate resources effectively, enhance security and deliver seamless user experiences. 

The post Addressing Security Challenges in Cloud-Based Social Networks appeared first on Security Boulevard.

Citizen Lab has a new report on Paragon’s spyware:

Key Findings:

• Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for.
• Infrastructure Analysis of Paragon Spyware. Based on a tip from a collaborator, we mapped out server infrastructure that we attribute to Paragon’s Graphite spyware tool. We identified a subset of suspected Paragon deployments, including in Australia, Canada, Cyprus, Denmark, Israel, and Singapore.
  ...

The post Report on Paragon Spyware appeared first on Security Boulevard.

Thales Named Overall Leader in KuppingerCole’s Leadership Compass Data Security Platforms
madhav
Tue, 03/25/2025 - 07:37

Thales has been named an Overall Leader in the 2025 KuppingerCole Leadership Compass in the Data Security Platforms category, earning this top ranking for its products, innovation, and market presence.

We live in a time when organizations face many data security challenges. The meteoric rise of Generative AI (GenAI) enables businesses to process data faster, and in previously unimagined ways, but it also creates a slew of new risks around data privacy, security, and potential leaks. Multi-cloud and hybrid environments promise much greater flexibility, but they make it infinitely harder to manage and secure data consistently across different platforms. Concurrently, complex, evolving, and increasingly stringent data privacy regulations mean entities have to maintain the strongest governance to stay compliant and avoid falling foul of regulators.

Protecting sensitive information has become increasingly difficult. Today’s organizations need flexible, powerful, and scalable solutions to keep their data safe. The KuppingerCole report takes an in-depth look at the evolving data security market, highlighting the solutions that have proved most successful in adapting to today’s shifting cybersecurity challenges.

The report also analyzes the key players in the data security space based on the strength of their products, their approach to innovation, and their market presence.

Following thorough research based on predefined criteria, the KuppingerCole report cites several strengths behind Thales’s selection as the top vendor in this category:

• A comprehensive data security portfolio that addresses all aspects of data security
• Broad coverage of databases and cloud data platforms
• Strong support for multi-cloud and hybrid cloud environments, ensuring consistent security policies across these distributed environments
• Advanced threat detection and automated remediation capabilities
• Compliance-centric design, facilitating regulatory adherence for enterprises

Thales’ Data Security Solutions

To help modern businesses address these burgeoning challenges, Thales spent several years expanding its presence and cementing its position as a leader in the data security market. It did this via a strategic series of acquisitions, including SafeNet, Vormetric, Gemalto, and most recently, Imperva, which now operates as a part of the Thales Cybersecurity Products division.

At the core of Thales' vision for a unified data security platform lies its comprehensive capabilities, designed to protect, manage, and govern data across complex multi-cloud and hybrid environments. Thales offers complementary strengths and excels in —proactive data protection and advanced security analytics—ensuring organizations can secure their most critical assets with confidence.

Thales' data security platform supports both structured and unstructured data, spanning relational databases, NoSQL systems, and cloud-native services to seamlessly provide security across disparate data assets and diverse environments.

The CipherTrust Data Security Platform's protection features include discovery, classification, encryption, key management, and tokenization, integrating with numerous third-party tools to extend security into unstructured data and secrets management. Additionally, Thales' Data Security Fabric provides real-time visibility, behavioral analysis, and threat detection, enabling organizations to identify risks, detect anomalies, and maintain compliance with greater precision. Together, these capabilities create a cohesive approach to data security, ensuring both proactive protection and continuous monitoring to safeguard sensitive data wherever it resides.

Adding Data Risk Intelligence to the Mix

However, data protection needs to be proactive and not reactive. Proactive security must be based in actionable intelligence. This is exactly the goal of Data Risk Intelligence (DRI) that was added to Thales data security features to help entities identify and prioritize data risks, such as unauthorized access, shadow data, AI-related risks, and cryptographic weaknesses. DRI does this by pulling together many different risk indicators, such as user permissions, vulnerabilities, encryption status, and suspicious activity, to give a more transparent and encompassing view of potential threats.

The Thales approach spans three main areas: protection, monitoring, and compliance.

• CDSP provides robust encryption for data at rest, in transit, and in use, along with tokenization and dynamic data masking to add another layer of protection for sensitive information. CDSP unifies data discovery, classification, data protection, and centralized management for keys and secrets into a single platform.
• DSF supports comprehensive monitoring with threat detection, and risk management user behavior analytics, anomaly detection, and real-time responses to attacks like SQL injection, data exfiltration, and ransomware, as well as insider threats such as suspicious activity, credential abuse, and more It also comes with risk visibility and automated remediation, which helps reduce the time it takes to respond to incident and avoid compliance issues.
• Both solutions address major regulatory requirements such as GDPR, HIPAA, PCI-DSS, ISO/IEC 27001, and FedRAMP, providing the detailed audit logs and centralized reporting needed to support governance and address audit requirements.

Through its ongoing innovation and key acquisitions, Thales continues to innovate by building a unified, scalable, and compliance-ready data security framework aimed at helping modern organizations protect their sensitive data assets in today’s complex IT environments. This results in fewer resources dedicated to security operations, ubiquitous compliance controls, and significantly reduced risk across complex IT environments

To learn more about the strengths of Thales’s leading data security platform, read the full KuppingerCole report here.

Data Security Compliance Cloud Security Encryption Key Management Security Intelligence

Krishna Ksheerabdhi | VP, Product Marketing
More About This Author > Schema {
"@context": "https://schema.org",
"@type": "BlogPosting",
"mainEntityOfPage": {
"@type": "WebPage",
"@id": "https://cpl.thalesgroup.com/blog/data-security/thales-named-overall-leader-kuppingercole-leadership-compass"
},
"headline": "Thales Named Overall Leader in KuppingerCole’s Leadership Compass Data Security Platforms",
"description": "Thales has been recognized as an Overall Leader in the 2025 KuppingerCole Leadership Compass for Data Security Platforms, demonstrating its leadership in data protection, innovation, and compliance.",
"image": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"author": {
"@type": "Person",
"name": "Krishna Ksheerabdhi",
"url": "https://cpl.thalesgroup.com/blog/author/kksheerabdhi"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"sameAs": [
"https://www.facebook.com/ThalesCloudSec",
"https://www.x.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"datePublished": "2025-03-25",
"dateModified": "2025-03-25"
}

basic

The post Thales Named Overall Leader in KuppingerCole’s Leadership Compass Data Security Platforms appeared first on Security Boulevard.

Interview with Joe Silvia, CEO of MedWare Cyber Click here to listen. In late January, the FDA issued a safety warning on Contec CMS8000 patient monitors and those relabeled as MN-120. The Chinese-made devices, used by thousands of medical institutions across the world, contain back doors in the firmware that could put patients at risk.…

The post Will the FDA Start Banning Chinese-Made Medical Devices? appeared first on CodeSecure.

The post Will the FDA Start Banning Chinese-Made Medical Devices? appeared first on Security Boulevard.

Generative AI (GenAI) has emerged as a powerful tool for enterprises. However, a recent report by LayerX revealed a startling statistic: 89% of enterprise GenAI usage is invisible to organizations, exposing them to critical security risks. This blog delves into the report’s findings, its implications for data security, and the steps organizations can take to […]

The post 89% of Enterprises GenAI Usage Is Untracked, Posing Security Risks appeared first on Kratikal Blogs - Information Hub For Cyber Security Experts.

The post 89% of Enterprises GenAI Usage Is Untracked, Posing Security Risks appeared first on Security Boulevard.

Overview Recently, NSFOCUS CERT detected that Next.js issued a security announcement and fixed the middleware permission bypass vulnerability (CVE-2025-29927). Because Next.js lacks effective verification of the source of the x-middleware-subrequest header, when configuring to use middleware for authentication and authorization, an unauthenticated attacker can bypass system permission controls by manipulating the x-middleware-subrequest header to access […]

The post Next.js Middleware Permission Bypass Vulnerability (CVE-2025-29927) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Next.js Middleware Permission Bypass Vulnerability (CVE-2025-29927) appeared first on Security Boulevard.

Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare.

Background

The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare.

FAQ

What is IngressNightmare?

IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller for Kubernetes, an open source controller used for managing network traffic in Kubernetes clusters using NGINX as a reverse proxy and load balancer.

What are the vulnerabilities associated with IngressNightmare?

The following CVEs are associated with IngressNightmare:

CVE Description CVSSv3 CVE-2025-1097 Ingress NGINX Controller Configuration Injection via Unsanitized auth-tls-match-cn annotation 8.8 CVE-2025-1098 Ingress NGINX Controller Configuration Injection via Unsanitized Mirror Annotations 8.8 CVE-2025-1974 Ingress NGINX Admission Controller Remote Code Execution 9.8 CVE-2025-24513 Ingress NGINX Controller Auth Secret File Path Traversal Vulnerability 4.8 CVE-2025-24514 Ingress NGINX Controller Via Unsanitized Auth-URL Annotation 8.8

When was IngressNightmare first disclosed?

Public disclosure of IngressNightmare happened on March 24 when news outlets, such as The Hacker News, began reporting on these vulnerabilities. At the time those articles were published, no patches were yet available from the Kubernetes team nor had a blog been published by the researchers who discovered these flaws.

How critical are the IngressNightmare vulnerabilities?

Based on the CVSS scores for these vulnerabilities, three are categorized as high severity, one is categorized as medium severity and one is categorized as critical severity.

The most severe flaw, CVE-2025-1974, requires an unauthenticated remote attacker to be able to access the admission controller, a component in the Ingress NGINX Controller that has more privileged access within a Kubernetes cluster.

Are the IngressNightmare vulnerabilities part of a toxic combination?

Yes, the five vulnerabilities that make up IngressNightmare can be chained together as part of a toxic combination (or exploit chain). Successful exploitation of these flaws would grant an attacker the ability to access cluster secrets, which could result in a cluster takeover.

Was this exploited as a zero-day?

No, these vulnerabilities were reported to Kubernetes through coordinated disclosure.

Is there a proof-of-concept (PoC) available for these vulnerabilities?

As of March 24, there are no public proof-of-concept exploits for any of the five CVEs associated with IngressNightmare.

Are patches or mitigations available for IngressNightmare?

Yes, on the evening of March 24, the Kubernetes team published two fixed versions of Ingress NGINX Controller:

Affected product Affected versions Fixed version Ingress NGINX Controller 1.12.0 1.12.1 Ingress NGINX Controller 1.11.4 and below 1.11.5

Additionally, customers can use the following command to determine if clusters are using ingress-nginx:

kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx

For more specific information about mitigation steps, please refer to the Kubernetes blog.

Does this also affect the NGINX Ingress Controller?

No, while the names may sound similar, IngressNightmare does not affect the NGINX Ingress Controller from F5.

Has Tenable released any product coverage for these vulnerabilities?

A list of Tenable plugins for these vulnerabilities will be available on the individual CVE pages as they’re released:

• CVE-2025-1097
• CVE-2025-1098
• CVE-2025-1974
• CVE-2025-24513
• CVE-2025-24514

Our Plugins Pipeline displays all available plugins for these vulnerabilities, including upcoming plugins, as they are added.

Additional coverage is being investigated by Tenable Research and this blog post will be updated accordingly.

Get more information

• Ingress-nginx CVE-2025-1974: What You Need to Know
• IngressNightmare: Vulnerabilities in Ingress NGINX

Join Tenable's Security Response Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

The post CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare appeared first on Security Boulevard.

While affected teams face months of disruption, organizations leveraging D3 Morpheus can reap the benefits of its vendor-resilient security architecture.

The post The Skybox Fallout: A Business Case for Vendor-Resilient Security Operations appeared first on D3 Security.

The post The Skybox Fallout: A Business Case for Vendor-Resilient Security Operations appeared first on Security Boulevard.

 

More
attacks targeting cryptocurrency users.  Microsoft
has identified a new Remote Access Trojan, named StilachiRAT, that has sophisticated
capabilities to remain stealthy and persistent so it can harvest crypto wallet
credentials via web browsers.

 

The
malware targets many widely used cryptocurrency wallet browser extensions:

1.       
Bitget Wallet (Formerly BitKeep)

2.       
Trust Wallet

3.       
TronLink

4.       
MetaMask (ethereum)

5.       
TokenPocket

6.       
BNB Chain Wallet

7.       
OKX Wallet

8.       
Sui Wallet

9.       
Braavos – Starknet Wallet

10.  
Coinbase Wallet

11.  
Leap Cosmos Wallet

12.  
Manta Wallet

13.  
Keplr

14.  
Phantom

15.  
Compass Wallet for Sei

16.  
Math Wallet

17.  
Fractal Wallet

18.  
Station Wallet

19.  
ConfluxPortal

20.  
Plug

If you
use any of these Chrome wallet extensions, be very careful.

As I
outlined in my 2025
Cybersecurity Predictions, I forecast an increased Nation State focus on
the finance sector, with specific emphasis on the cryptocurrency.  This year we have already seen a ~$1.5
billion hack of a crypto exchange Bybit. 

 

Microsoft’s
full write-up, including Indicators of Compromise (IoC) can be found in their
security analysis brief:

https://www.microsoft.com/en-us/security/blog/2025/03/17/stilachirat-analysis-from-system-reconnaissance-to-cryptocurrency-theft/

The post Advanced Malware Targets Cryptocurrency Wallets appeared first on Security Boulevard.

OAuth attacks are increasing, exploiting SaaS blind spots to gain covert access. Learn how these attacks work and why visibility is key to mitigating the risks.

The post The Rise of OAuth Attacks to Access Sensitive Systems | Grip appeared first on Security Boulevard.

Double hell-ix: Personal genomics firm tells customers your data is safe—but few will trust the loss-making biotech pioneer.

The post Spit Happens: 23andMe is Bankrupt — Secure Your DNA Data NOW Already appeared first on Security Boulevard.

Cary, NC, Mar. 24, 2025, CyberNewswire –– INE Security, a global provider of cybersecurity training and certification, today announced its initiative to spotlight the increasing cyber threats targeting healthcare institutions.

In recognition of National Physicians Week 2025, … (more…)

The post News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches first appeared on The Last Watchdog.

The post News alert: INE Security spotlights healthcare companies facing rising exposure to costly breaches appeared first on Security Boulevard.