CyCognito

Palo Alto, CA, USA
2017
  |  By Emma Zaballos
On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.
  |  By Tim Matthews
External Attack Surface Management, or EASM, has become a necessary component of a proactive cybersecurity strategy. According to research from Enterprise Strategy Group, over 65% of breaches stem from a compromised, externally exposed asset, so knowing your attack surface is key to avoiding breaches. Gartner, for this reason, is recommending EASM as a key pillar in the new approach to proactive security they call Exposure Management.
  |  By Emma Zaballos
Savvy security leaders are moving from the legacy framework of vulnerability management to the emerging framework of exposure management because it solves their biggest challenges. The attack surface, which now contains cloud assets, distributed and mobile employees, and Internet of Things (IoT) integrated into every aspect of the workplace, is too complicated and changes too quickly to be managed with outdated methods and technologies.
  |  By Emma Zaballos
CVE-2024-47575, also known as FortiJump, is a critical (9.8) missing authentication vulnerability affecting critical functions in FortiManager and FortiManager Cloud versions. Threat researcher Kevin Beaumont published a blog post on October 22nd, 2024 identifying this vulnerability as a zero day. This vulnerability is separate from CVE-2024-23113, which also affects FortiGate devices.
  |  By Graham Rance, VP Global Pre-Sales
The deadline to get compliant with the EU's NIS 2 Directive is here. And this isn't just a minor update from its NIS 1 predecessor; it's a major expansion that carries with it new challenges and obligations. The directive now covers a whopping 300,000 organizations, up from just 20,000 under NIS 1. Sectors like aerospace, public administration, digital services, postal and courier services, and food production are now included. Organizations are classified into "essential" or "important" entities based on size and criticality to the economy.
  |  By CyCognito
Support for AWS Organizations Simplifies Cloud Testing; New Workflows Make Pentester and Red Teams More Efficient.
  |  By Emma Zaballos
On October 9th, 2024, five vulnerabilities were disclosed by Palo Alto Networks. These vulnerabilities affect Palo Alto Networks Expedition, a tool that manages configuration migration from supported vendors to Palo Alto Networks systems.
  |  By Emma Zaballos
On September 26, 2024, four critical vulnerabilities, CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177, were disclosed in the open-source printing system Common Unix Printing System (CUPS) and its components. Attackers can leverage the remote code execution (RCE) and input validation vulnerabilities as part of an attack chain.
  |  By Emma Zaballos
CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw is an externally controlled format string vulnerability in the FortiOS fgfmd daemon.
  |  By Jason Pappalexis
Whether you’re the CISO or part of the incident response team, it’s likely you have heard of exposure management (EM). Introduced by Gartner in 2022 as the evolution of vulnerability management (VM), the name “exposure management” was adopted by vendors faster than you can say “next gen” or “AI-powered”. Unfortunately for consumers the hype added more confusion than clarity. This blog is a chance to reset expectations.
  |  By CyCognito
See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks.
  |  By CyCognito
“CyCognito is worth every cent we pay and it helps me sleep better because I know we’re checking our internet-facing assets on a regular basis.” — Benjamin Bachmann | Vice President, Group CISO | Ströer.
  |  By CyCognito
“CyCognito provides our company with cutting-edge technology enabling my team to have global visibility into our web-facing assets in an easy-to-use interface.” — Alex Schuchman | Chief Information Security Officer | Colgate-Palmolive Company.
  |  By CyCognito
“I can’t point to another tool that does as thorough a job of exploring and exposing those assets that you didn’t even know you had. It’s so valuable.” — Kevin Kealy | Chief Information Security Officer | Scientific Games.
  |  By CyCognito
Introducing Remediation Planner and new workflow integrations.
  |  By CyCognito
Hear firsthand from Chief Technical Officer Randy Watkins as he explains why attack surface mapping is critical to an organization’s security posture and to managing its IT assets. Learn how prioritizing security risk helps to cut through a sea of security issues and focuses security teams on what is critical.
  |  By CyCognito
Streamline Security Testing with Analytics, Trends, and Reporting: New Cybersecurity Automation Features to Streamline Attack Surface Protection.
  |  By CyCognito
See How CyCognito Monitors Your Subsidiaries for Security Risk.
  |  By CyCognito
Learn how the CyCognito platform identifies attack vectors that might go undetected by other security solutions.
  |  By CyCognito
Your attack surface has grown: it's now in cloud infrastructure and across subsidiaries, and unknown, unmanaged assets are everywhere. How are you finding these? Attackers look for, find and attack these unknown assets, and when there are externally exposed risks, sensitive data and critical systems are put in danger. Read now: External Exposure & Attack Surface Management For Dummies.
  |  By CyCognito
CTEM, a comprehensive risk reduction framework, integrates visibility, risk assessment, issue prioritization, and validation. This approach facilitates the continuous identification and testing of exposed systems, enhancing decision-making and enabling a more proactive threat response. Download the white paper, Understanding Continuous Threat Exposure Management, to learn about CTEM's core components and how they contribute to cybersecurity resilience, how CTEM addresses the challenge of managing risk on attack surfaces, and how CyCognito's capabilities align with CTEM's requirements.
  |  By CyCognito
With the ever-growing volume of cybersecurity alerts and attacks bombarding security teams, more CISOs are taking a hard look at External Attack Surface Management (EASM) platforms to better understand how adversaries get into systems and how to keep them out. It's not surprising that EASM products have captured the industry's attention, as many organizations are seeing the growth of their attack surfaces outpace their detection and remediation abilities. Some of the driving causes: digital transformation, the cloud, third-party dependencies, subsidiary sprawl, and more.
  |  By CyCognito
Your pen testing team is working hard, but they are facing an operational challenge due to the large number of assets they need to test and the time required to complete each test. As the fundamental approach to penetration testing has not changed much since the first test over 50 years ago, it's worth exploring whether the tool is still sufficient for securing today's IT environment.

CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure.

Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. Based in Palo Alto, CyCognito serves a number of large enterprises and Fortune 500 organizations, including Colgate-Palmolive, Tesco and many others.

Automated external attack surface management and continuous testing reduce your overall risk:

  • Discovery: Proactively uncover exposed external assets — without input or configuration — using attacker reconnaissance approaches.
  • Contextualization: Empower your team to know what an asset does, where it’s located, what other assets it connects to, and how attractive it is from that attacker perspective.
  • Active Security Testing: Launch security testing across your full inventory of external assets, enabling a new level of visibility into risk and the steps needed to reduce it.
  • Prioritization: Automate risk prioritization for external assets to focus your security team’s attention and energy on the 10 to 50 most critical exploited assets that matter the most.
  • Remediation Acceleration: Quickly repair exploitable assets and reduce validation time from months to hours to swiftly prevent data breaches.

Discover, test and prioritize all of your web assets and applications.