Security Boulevard

via the comic & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Storage Tanks’ appeared first on Security Boulevard.

One of the major challenges organizations face in certificate lifecycle management is the timely renewal of certificates. Application owners often fail to renew certificates promptly despite receiving multiple advance expiry alerts. This oversight leads to application outages, business downtime, and security risks. The AppViewX AVX ONE Certificate Lifecycle Management (CLM) solution effectively addresses the issue […]

The post TLS Certificates Renewal with AppViewX AVX ONE CLM and Puppet appeared first on Security Boulevard.

Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of these executables are called "node.exe" and even bear the NodeJS icon and metadata, making them evasive and easily mistaken for legitimate libraries.

The post ‘Netfetcher’ package drops illicit ‘node’ binary on Windows appeared first on Security Boulevard.

Financial services is among the most highly regulated of any industry – and justifiably so. As critical infrastructure, the sector provides services which, if interrupted or destabilized, could have a catastrophic impact on economic and national security. Increasingly, these regulations mandate not only cyber-resilience (eg the EU’s DORA) but also digital sovereignty – which includes the idea that wherever data is collected or stored, it should be subject to local laws.

The post How Financial Institutions Can Manage Mounting Digital Sovereignty Requirements appeared first on Security Boulevard.

Mastering API error codes is essential for building robust and user-friendly applications. This comprehensive guide explores best practices for handling and documenting errors, ensuring clear communication between your API and its users.

The post Comprehensive Guide to API Error Code Management appeared first on Security Boulevard.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a newly discovered vulnerability in SolarWinds’ Web Help Desk solution, which has already been exploited in active attacks.   Tell me more about the SolarWinds RCE Vulnerability  SolarWinds’ Web Help Desk software is widely used by large enterprises, government agencies, healthcare providers and educational institutions to manage ... Read More

The post CISA Warns of Critical SolarWinds RCE Vulnerability Exploited in Attacks appeared first on Nuspire.

The post CISA Warns of Critical SolarWinds RCE Vulnerability Exploited in Attacks appeared first on Security Boulevard.

Authors/Presenters:Khaled Serag, Rohit Bhatia, Akram Faqih, and Muslum Ozgur Ozmen, Purdue University; Vireshwar Kumar, Indian Institute of Technology, Delhi; Z. Berkay Celik and Dongyan Xu, Purdue University

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – ZBCAN: A Zero-Byte CAN Defense System appeared first on Security Boulevard.

The backstories of AppSec and cloud security In an industry that moves so quickly and pivots so frequently, it’s easy to forget that the term and discipline of application security (AppSec) emerged in the late 1990s and early 2000s. Driven by what was considered rapid web application growth at the time, the Open Web Application […]

The post CNAPP and ASPM — Friends or Foes? appeared first on OX Security.

The post CNAPP and ASPM — Friends or Foes? appeared first on Security Boulevard.

At DEF CON 32's AppSec Village, we explored secrets security challenges, answered common questions, and shared how to detect and handle hidden credentials effectively.

The post DEF CON 32: What We Learned About Secrets Security at AppSec Village appeared first on Security Boulevard.

Schools store and manage a range of sensitive data: student identification records, tax records, medical documents, financial statements, and more. Often, schools rely on Google Workspace to handle their data appropriately — including Google Drive.  In the words of Education Week: “Google products dominate in K-12 classrooms.” Their research shows that approximately 70% of K-12 ...

The post How Safe is Google Drive?  appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post How Safe is Google Drive?  appeared first on Security Boulevard.

In today’s rapidly evolving digital landscape, cybersecurity risks are more prevalent and sophisticated than ever before. Organizations of all sizes are increasingly exposed to many threats, from ransomware attacks and phishing schemes to zero-day exploits and insider threats. As these risks continue to grow in complexity, it becomes crucial for organizations to adopt a proactive approach to cybersecurity—one that prioritizes not just identifying potential threats but also the strategic implementation of risk treatment and mitigation strategies.

The post Top Cybersecurity Risk Mitigation Strategies Every Business Should Implement appeared first on Security Boulevard.

If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode under System Management -> System Tools -> License -> Authorized by. For example, in the image below, the device uses cloud authorization. If […]

The post WAF Cloud Authentication Issue Troubleshooting appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post WAF Cloud Authentication Issue Troubleshooting appeared first on Security Boulevard.

Do I go to my Cloud Service Provider (CSP) for cloud security tooling or to a third party vendor?

Who will secure my cloud use, a CSP or a focused specialty vendor?

Who is my primary cloud security tools provider?

This question asked in many ways has haunted me since my analyst days, and I’ve been itching for a good, fiery debate on this. So, we did this on our Cloud Security Podcast by Google where the co-hosts divided the positions, researched the arguments in advance of the debate and then just … WENT AT EACH OTHER :-)

The results were so fun and interesting that this blog was born!

The Case for Third-Party Vendor Tooling

These arguments hinge on three primary concerns: trust, consistency, and innovation.

Some observers also highlight the theoretical conflict of interest when a CSP is responsible for both building and securing the cloud (no idea why people say this, as IMHO there is no conflict here). This side also stressed the importance of consistency across multi-cloud environments and argued that dedicated security vendors are more likely to innovate more rapidly. They also may address client needs faster, especially narrow vertical needs.

• You just can’t trust the cloud builder to secure their own stuff (or “letting the cat guard the cream” as somebody weirdly opined on social media). Third-party vendors promise unbiased security analysis and can uncover security issues that CSPs might deprioritize, benefiting the broader public and individual users. This separation of duties suggests a more objective evaluation of cloud security.
• Consistency is super critical for multicloud. Third-party tools provide a consistent security framework across multiple cloud platforms. This simplifies management and reduces the need for specialized knowledge in each CSP’s unique security offerings.
• Startups just build better tools; this is their focus and sole mission; CSPs suffer from “security from a big company” syndrome, being slow and political. Third-party vendors, whose core business is security, are more likely to develop innovative and effective security solutions compared to CSPs, who may view security as a secondary concern.
• Auxiliary argument: Would you ever trust the CSP to secure the network/environment that belongs to their competitor?

The Case for CSP-Native

These arguments hinged on three primary concerns: deep platform knowledge, built-in security, and seamless stack.

Deep platform knowledge that CSPs possess suggests both robust and “automatic”, default security. The seamlessness of CSP-native tools and the vast (we mean it, BTW!) resources that CSPs dedicate to security also play a key role. CSPs are very well positioned to keep pace with the rapid evolution of cloud services, and secure them as they are built.

• CSP knows the platform and cloud in general best, can use unlisted or poorly documented capabilities to secure the cloud. Security deeply integrated into the platform is “more secure”, and also better linked with asset tracking, and other IT ops / DevOps capabilities. This deep knowledge translates into superior security capabilities, both practical and conceptual.
• Built-in beats bolt-on, with fewer seams to break and break through. CSP-native tools offer seamless integration with other services, streamlining workflows, and reducing the risk of security gaps that can arise from stitching together disparate tools. This results in a simpler and more manageable security stack. Recent breaches highlight the risks associated with these integration points, underscoring the advantage of built-in security.
• Using native tools reduces the number of third-party vendors and solutions you need to manage, leading to a simpler security stack and less administrative overhead. When cloud platforms and security tools share the same foundation, operational teams benefit from streamlined access and workflows.
• Auxiliary argument: CSP keeps pace with securing new services as they are being launched. And there are a lot of cloud services being launched.

The Verdict

• “It depends” wins! It really does. No, we are not hedging or fudging. Are you disappointed?
• To make it practical, we need to answer “depends on what?” Organizational realities: how you use cloud, what cloud, how many clouds, what is your threat model, etc.
• None of the arguments from either side include a “killer” or a clincher argument that stops the debate and hands the victory to one side.
• Often starting with CSP-native tools and then supplementing with third-party solutions to address any gaps (if any) is the way to go (this also was Gartner advice in my days, BTW)

Listen to the audio version (better jokes!). And, yes, do read “Snow Crash” if you somehow failed to, before.

Resources:

• EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim
• EP74 Who Will Solve Cloud Security: A View from Google Investment Side
• EP22 Securing Multi-Cloud from a CISO Perspective, Part 3
• EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use
• “Use Cloud Securely? What Does This Even Mean?!”

The Great Cloud Security Debate: CSP vs. Third-Party Security Tools was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post The Great Cloud Security Debate: CSP vs. Third-Party Security Tools appeared first on Security Boulevard.

Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats.

The post Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™ appeared first on Horizon3.ai.

The post Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™ appeared first on Security Boulevard.

Authors/Presenters:Alexander Marder, Zesen Zhang, Ricky Mok, Ramakrishna Padmanabhan, Bradley Huffaker, Matthew Luckie, Alberto Dainotti, kc claffy, Alex C. Snoeren, Aaron Schulman

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – Access Denied: Assessing Physical Risks To Internet Access Networks appeared first on Security Boulevard.

A backdoor found in millions of Chinese-made RFID cards that are used by hotels and other businesses around the world can let bad actors instantly clone the cards to gain unauthorized access into rooms or run supply chain attacks, say researchers with Paris-based Quarkslab.

The post Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning appeared first on Security Boulevard.

The cybersecurity landscape is rapidly evolving, and our 2024 Identity Breach Report: Welcome to the GenAI Attack Revolution offers essential insights into how artificial intelligence (AI) and complex data sets are transforming the threats we face today. The New Face of Phishing: AI-Powered Scams This year’s report highlights a dramatic shift in phishing tactics. With …

The post 2024 Identity Breach Report: Navigating the GenAI Attack Revolution appeared first on Security Boulevard.

Learn more about the top challenges and the different tools and techniques that can support continuous validation within a CTEM program.

The post Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) Program appeared first on SafeBreach.

The post Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) Program appeared first on Security Boulevard.

Recently, I introduced you to our heroes of Threat-Informed Defense. They comprise our diverse community of Tidal Cyber customers who are using our platform in ways you may not have thought about to save time and money, improve their existing defenses, and vastly increase the efficiency of their security teams.  

The post How CTI Analysts Use Threat-Informed Defense to Overcome Top Challenges appeared first on Security Boulevard.

Improve your identity and governance administration strategy with SaaS identity risk management. Discover how to extend the value of your IGA tool.

The post Enhance Your Identity Governance and Administration Strategy appeared first on Security Boulevard.