As cybersecurity professionals, we are always impressing the importance of patch management as one of the best ways to protect systems against vulnerabilities. Sometimes, the vulnerabilities are never fully exploited. Regardless of the threat possibility, patching is one of the easiest ways to ensure the minimum level of security in an organization. The best part about patching a system is that it is very easy to see the status of the patch level as compared to the manufacturer’s recommendations.
One of the areas of security that is more easily overlooked is configuration management. If a system’s configuration is changed, it can often go unnoticed, as there are often no alarms that would be set off, no manufacturer’s warning, and no standard level that is recommended. This is why configuration management is so important towards understanding if any configuration drift has occurred. Configuration management is applicable not only to security professionals but also to all areas of IT management as well as to DevOps.
According to one source, some organizations have admitted to a large number of known misconfiguration discoveries. More worryingly, some have reported that there are probably unknown misconfigurations, as well. This is the new “low hanging fruit” for cloud-based attacks as well as for malicious techniques like exploiting unsecured storage containers, crypto-jacking, and discovering exposed sensitive databases. That’s probably why Gartner predicted that misconfigurations would account for 80% of cloud breaches by 2020, as reported by Forbes.
Misconfigurations in the cloud are already having an impact, however. We’ve already seen attackers leverage them against big targets like Equifax and Microsoft Azure. We’ve also seen data breaches tied to cloud misconfigurations carry quite a price tag. As reported by TechRepublic, 196 such incidents exposed more than 33 billion records and (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Raymond Kirk. Read the original post at: https://www.tripwire.com/state-of-security/controls/secure-your-configurations-with-tripwires-configuration-manager/
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the command injection vulnerability (CVE-2024-3400)…
One could argue that the World’s greatest conquests, competitions, and challenges are better off when in the hands of a…
The OpenJS Foundation, which oversees multiple JavaScript projects, thwarted a takeover attempt of at least one project that has echoes…
Authors/Presenters: *Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li* Many thanks to USENIX for…
A guest post by James Berthoty the founder of Latio Tech. The shift to cloud has meant an The post…
Amazon Web Services (AWS) announced extended support prices for Amazon Elastic Kubernetes Service (EKS), prompting some businesses to reevaluate how…