Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security ratings are becoming a crucial component of every security operations center (SOC). Security analysts must learn how to read, analyze and report security ratings to the CISO effectively in order to help build an enterprise-wide culture of security. Here we outline how analysts can develop a successful security operations center that leverages ratings to evaluate and mitigate cyber risk.

Vulnerability management remains a struggle for many companies and is still only an aspiration for many others. But with digital and cloud transformation rewriting the way many firms do business, the attack surface keeps expanding and becomes more difficult for organizations to protect their environments from growing threats.

The vulnerability, dubbed CVE-2021-43798 impacted the Grafana dashboard, which is used by companies around the world to monitor and aggregate logs and other parameters from across their local or remote networks. The privately reported bug became a leaked zero-day but was first spotted by Detectify Crowdsource hacker Jordy Versmissen on December 2, after which Grafana was notified by Detectify about the bug.

Extended detection and response (XDR) is all the rage these days. It seems like almost every security vendor now claims to offer XDR functionality. But are those claims based in reality?

Recent CrowdStrike Intelligence team findings regarding the Log4Shell (CVE-2021-44228, CVE-2021-45046) vulnerabilities indicate wide-ranging impact. CrowdStrike helps protect customers from threats delivered via this vulnerability using both machine learning and indicators of attack (IOAs).

Shortly after the Apache Software Foundation (ASF) released the bug fix for the vulnerability known as Log4Shell or LogJam (CVE-2021-44228), a new vulnerability was discovered in Log4j Java-based logging library, tracked as CVE-2021-45046. While Log4Shell had the maximum CVSS score of 10, this new vulnerability is rated as 3.7, affecting all versions of Log4j between 2.0-beta9 and 2.12.1, as well as between 2.13.0 and 2.15.0.

Password storage and encryption are an essential part of your password policy. Reversible encryption is known for being vulnerable to attacks. Therefore, it is crucial to map its usage and try to avoid it as much as possible.

On December 9, 2021, a zero-day vulnerability in Log4j 2.x was discovered. This vulnerability is of great concern because if it’s successfully exploited, attackers are able to perform a RCE (Remote Code Execution) attack and compromise the affected server. Since we are a cloud-based Software Composition Analysis (SCA) provider, we have useful customer data that gives insight into the scope of the Log4j vulnerability.

On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell.” This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges. If you are currently working to identify instances of this vulnerability, Tripwire can help.

In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.