George Bailey

⚡️Some domains likely used by #transparentTribe #APT36 counciling[.]com nbssedelhi[.]org ashifdigitalseva[.]xyz birthdeath[.]in gov-certificate[.]com viewss[.]click admin-mcas-df[.]ms admin-mcas[.]ms mcas-df[.]ms mcas[.]ms verifycertificate[.]info nimsme[.]org

1

1 Comment

A few weeks ago, I wrote a post sharing research breaking down exposures across enterprise and cloud infrastructure. By volume, the majority of exposures affected Active Directory but the most critical exposures were found in cloud environments. (see https://lnkd.in/euvfKvGJ) I wanted to follow that up with a similar view comparing the distribution of critical exposures among different industries. Per the attached chart, about half of the industries shown follow the overall pattern of Cloud > Active Directory > IT/Network devices. But there’s quite a bit of variation and some sectors buck that trend entirely. For example, very few of the critical asset exposures affecting the Energy, Transportation, and Healthcare sectors are in the cloud. On the other hand, the share of critical exposures in cloud environments is much higher than average in the Agriculture and Manufacturing industries. I share this because the diversity and sprawl of the modern attack surface make it difficult to answer seemingly simple questions like "Where are our critical exposures?" And the fact that every industry's or organization's answers will vary makes answering it all the more difficult and important. If you'd like to see more on what we learned from analyzing exposures from tens of thousands of attack path assessments, download the full report from Cyentia Institute and XM Cyber here: https://lnkd.in/dPfqXG7y #exposuremanagement #vulnerabilitymanagement #cyberrisk

40

3 Comments

The latest from OODA Loop Contributor Emilio Iasiello: In June 2024, the Office of the National Cyber Director (ONCD) released its report Summary of the 2023 Cybersecurity Regulatory Harmonization Request for Information, a government effort whose purpose is to find a path forward to creating a comprehensive framework to strengthen cybersecurity resilience across all sectors; simplify oversight and responsibilities of cyber regulators; and reduce administrative burden and cost on those organizations regulated.  The RFI adhered to Strategic Objective 1.1 of the 2023 National Cybersecurity Strategy, “Establish Cybersecurity Requirements to Support National Security and Public Safety.”  Eighty-six organizations responded to the RFI, representing the critical infrastructure sectors, as well as state and local government associations, academia, and non-profit and professional organizations.  The report found three major outcomes from those that responded to the survey:  1) lack of harmonization and reciprocity impacted cybersecurity outcomes while inflicting high compliance costs; 2) regulatory harmonization had challenges that extended to all sectors and organizations of all sizes and crossed jurisdictions; and 3) it was well within the U.S. government’s ability to address these existing challenges.   https://lnkd.in/eqU486u9

4

1 Comment

What does security debt (old, unresolved flaws in code) look like across applications in your organization? Perhaps similar to one of these 20 anonymous organizations we sampled during a recent analysis of #appsec scan data. Each rectangle represents a different organization, which is subdivided into sections corresponding to the size of its active applications. The color applied to those applications measures their density of security debt. You can think of this as a depiction of the shape and status of the application attack surface for each organization. Organization 4 is relatively clear of debt across most of its applications, with a few exceptions in the lower right corner. Organization 9 below it shows pretty much the opposite trend—one tiny debt-free application floats alone in a sea of debt. Other organizations in this sample exhibit a relatively even distribution of debt across applications (e.g., Org 14) to an application attack surface that runs the gamut of debt density (e.g., Org 6). So, what makes one organization look so different from another when it comes to the distribution of security debt across their applications? Is it possible for teams to reverse indebtedness for the applications they develop and manage? Download the full report from Veracode, with analysis by Cyentia Institute, to find out! Get is here: https://lnkd.in/evh5jm2Z #softwaresecurity #applicationsecurity #devsecops #devops

53

🚨 Positive News from the NIST NVD Team! 👇 NIST has released a new NVD announcements page + some important updates: 𝗔𝗱𝗱𝗶𝘁𝗶𝗼𝗻𝗮𝗹 𝗦𝘂𝗽𝗽𝗼𝗿𝘁 𝗖𝗼𝗻𝘁𝗿𝗮𝗰𝘁: NIST has contracted additional support to restore pre-February 2024 CVE processing rates within the next few months. 𝗔𝗱𝗱𝗿𝗲𝘀𝘀𝗶𝗻𝗴 𝘁𝗵𝗲 𝗕𝗮𝗰𝗸𝗹𝗼𝗴: NIST is collaborating with CISA to ingest the backlog of unprocessed CVEs to the NVD, with plans to clear the backlog by the end of the fiscal year. 𝗟𝗼𝗻𝗴-𝗧𝗲𝗿𝗺 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀: NIST is implementing technology and process updates to sustainably manage the increasing volume of vulnerabilities. This includes supporting automation in vulnerability management, security measurement, and compliance. 𝗖𝗩𝗘 𝟱.𝟭 𝗥𝗲𝗰𝗼𝗿𝗱 𝗦𝘂𝗽𝗽𝗼𝗿𝘁: Since May 14, 2024, NIST has been ingesting both CVE 5.0 and CVE 5.1 records, including support for CVSS 4.0 and #purl. 𝗖𝗼𝗺𝗺𝗶𝘁𝗺𝗲𝗻𝘁 𝘁𝗼 𝘁𝗵𝗲 𝗡𝗩𝗗: NIST assures that it remains dedicated to maintaining and modernizing the NVD. 𝗜𝗺𝗽𝗿𝗼𝘃𝗲𝗱 𝗖𝗼𝗺𝗺𝘂𝗻𝗶𝗰𝗮𝘁𝗶𝗼𝗻: Most importantly in my opinion, NIST promises that moving forward they will keep the community informed of their progress toward normal operational levels and their future modernization plans. Only time will tell if these commitments will indeed materialize... #VulnerabilityManagement #InformationSecurity #CyberSecurity National Institute of Standards and Technology (NIST)

65

8 Comments

#Safety, #governance, safety! - Where in the system should these be positioned? - What became of #EO13636? ⚠🚨 The criticality of #cni is deadly important (it cannot be overstated) and should not be ignored due to the lack of action. It is really time for governments and CNI Operators to start activities to build CNI Resilience, reduce attack surfaces, and, worst case scenario, reduce knowing and unknowing deaths and consequences. "....the agency will review its security measures and improve cybersecurity after the investigation, which he said is being led by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency." #criticalinfrastructureprotection #securityleadership https://lnkd.in/eUMNkKuy

2