Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Developers love GitHub. It’s the biggest and most powerful collaboration platform that programmers, developers, and companies use to develop and maintain their software. It’s the biggest source code host with more than 200 million repositories. And it keeps growing. In 2021, more than 73 million developers used GitHub. It gained over 16 million new users in 2021 alone, and GitHub estimates that user numbers will increase to 100 million developers in the next five years.

On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM). The vulnerability allows an unauthenticated user to remotely corrupt an affected system to reset the administrator password at the next device reboot. Successful exploitation allows a threat actor to gain initial access using the default credentials via SSH after a device reboot.

Two-factor authentication (2FA) is a type of multi-factor authentication (MFA) used to verify users’ identities and provide an additional layer of account security. Users must enter two factors before they are allowed access to their online accounts to ensure they are who they claim to be. 2FA offers a greater level of security than single-factor authentication (SFA), which only relies on one factor, such as a password or passcode.

The answer is yes and no. While cybersecurity automation is necessary in today’s vast threat landscape, its current functionality will not replace the role of cybersecurity professionals. The use of cybersecurity automation is undoubtedly on the rise. A 2021 global Statista survey found that 35.9% of global survey respondents reported using a high level of automation in security operations and event/alert processing.

Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.

A few weeks ago, a cybersecurity analyst unexpectedly discovered that he could dump files from the hotel network system where he was staying in Qatar to his own computer using the sync tool (used for file synchronization). Through an HSMX Gateway, he managed to access a welter of sensitive data held on an FTP server used for backup purposes. This included personal information on guests such as their room numbers, emails, and cell phone numbers.

Taking action on your attack surface requires a complete overview of what is exposed. This includes details such as open – and previously open! – ports, DNS records, and when the asset was last seen. These details help security teams respond more effectively to issues as they occur in production. It’s now possible for Surface Monitoring customers to drill down into an asset with the new Details page, which you can access by selecting an asset from the Attack Surface view.

It’s well known that there’s a pervasive cybersecurity skills shortage. The problem has multiple ramifications. Current cybersecurity teams often deal with consistently heavy workloads and don’t have time to deal with all issues appropriately. The skills shortage also means people who need cybersecurity talent may find it takes much longer than expected to find qualified candidates. Most people agree there’s no single way to address the issue and no fast fix.