CVE-2021-30476 affects HashiCorp's Terraform Vault Provider and involves incorrect configuration of bound labels for GCP (Google Cloud Platform) authentication. This issue permits unauthorized users to potentially bypass authentication mechanisms. The vulnerability stems from the Vault provider not correctly configuring the bound labels within the GCP authentication method, which could lead to improper access control.

System hardening is the process of configuring a system to a more secure state. Many technology solutions are not securely configured by default, so system administrators must harden systems while retaining their desired functionality. Thankfully, system administrators do not have to figure out system hardening on their own. Instead, they can reference security benchmarks which describe recommended secure configurations for a system.

On May10th, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC) issued an urgent advisory about malicious threat activity involving the Black Basta ransomware variant. Detailed information about these threats and the associated IOCs and TTPs can be seen on #StopRansomware: Black Basta.

Register for the Webinar Large-scale cyber breaches continue to dominate headlines, amplifying the damaging ramifications of failing to secure your organization. Even with a substantial investment in your SOC, outcomes continue to fall short of promises. Breaches lead to massive data leaks, steep financial losses, and tarnished reputations, underscoring the urgent need for effective SIEM technology.

This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts.

Something about the springtime sunshine and blooming flowers inspires many of us to start cleaning. For some, it might be tackling the backyard shed that accumulated cobwebs over the winter or that overflowing junk drawer in the corner of the kitchen. As you survey your home and yard and decide where to start cleaning, it’s also a great time to look at your application security program and see if any of your existing processes need some tidying up. Here are a few great places to start.

Just when you think bad actors cannot sink any lower, they find a way to. In a recent chilling evolution of ransomware tactics, attackers are now also targeting the families of corporate executives to force compliance and payment. Mandiant's Chief Technology Officer, Charles Carmakal, highlighted this disturbing trend at RSA last week: criminals engaging in SIM swapping attacks against executives' children.

Threat actors have responded to better protections in the operating system and improved endpoint detection and response (EDR) capabilities by moving down the stack to find entry points with full visibility and privileges into the stack above.

Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do. Part of the reason for these staggeringly low conviction rates is that we usually have little idea of what country an attacker is in.

“The best part of RSA is all the amazing people in the community trying to make the world a safer place. It’s also very exciting to see all the innovation to make adversaries’ lives harder – competition and collaboration make us better.” – CEO & Co-Founder Dr. Aleksandr Yampolskiy The SecurityScorecard team has just returned from an incredible week in San Francisco at RSA Conference 2024!