Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Snapshot: 6 Things That Matter Right Now

Cybersecurity Snapshot #2

Topics that are top of mind for the week ending July 1 | Cybersecurity budgeting priorities. All you ever wanted to know about ransomware. CISOs weigh best-of-breed vs. platforms. The epidemic of identity-related breaches. And much more!

1 -- A penny for your thoughts

How time flies! We’re at the year’s midpoint. That’s when the IT budgeting process often starts. So it seemed timely to poll our webinar attendees on their cybersecurity spending priorities. Check out the results of our admittedly ad-hoc, unscientific – yet interesting! – poll.
Cybersecurity Snapshot #2 -- chart1
For more on cybersecurity budgeting read:

2 -- Analyst: CISOs shifting from “best of breed” products to platforms

Ah, the age-old debate: best-of-breed (BOB) products versus integrated suites or platforms. Well, this tension is on right now in cybersecurity, as CISOs glance at their security stacks and cringe at this sight: a mishmash of siloed tools from myriad vendors that don’t play well together. 

Yes, compiling a BOB stack – long the preferred strategy of cybersecurity teams – is losing its shine, while platforms and integrated products gain favor, according to a study by Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA), based on a survey of 280 cybersecurity leaders.

Why are CISOs souring on handpicked, arguably superior – yet disconnected – individual products? A major factor is BOB’s operational overhead, an ESG analyst explains.

Interesting findings:

  • 38% now tend to buy integrated security platforms rather than BOB products.
  • 86% say it is either critical or important that BOB products are built for integration.
  • 21% of organizations are consolidating security vendors; 25% are considering it.

Want more details? Check out this slide presentation from ESG and ISSA.

More resources:

3 -- Everything you always wanted to know about ransomware but were afraid to ask

Ransomware has thrived through constant evolution, becoming a multimillion-dollar, self-sustaining industry and a major cyberthreat to all organizations. That’s why Tenable Research’s new report “The Ransomware Ecosystem” is a must-read. It explores the key players in the ransomware ecosystem and the tactics that have helped it flourish.

Cybersecurity Snapshot #2 -- graphic1
 

You’ll learn:

  • How the ecosystem evolved
  • Which are the most common attack vectors
  • How to prepare and defend against attacks
  • What vulnerabilities are likely to be exploited

For more information:

4 -- Study: Manual cloud asset management impacts visibility, ups risk

Cloud adoption keeps accelerating, but have organizations automated their inventorying of public cloud assets? Unfortunately, not that much. And that’s not good because it leads to undercounts and to incomplete asset visibility, increasing security risks, a study found.

The study – “Measuring Risk and Risk Governance” from the Cloud Security Alliance and Google – polled 600 security practitioners and 20 executives in companies of all sizes globally and found that internal data classification schemes (55%) and manual methods (50%) are the main ways organizations collect, track and organize cloud assets. Only 21% of respondents use native or automated cloud data classification tools.

Unsurprisingly, organizations using manual estimation methods reported having an average of 124 cloud services, 31% fewer than the average of 163 reported by organizations using automated discovery tools. 

For more information about the study, whose main goal was to assess the maturity of public cloud and risk management within the enterprise, read:

Interested in cloud security? Check out these resources:

5 -- ID-related breaches: They’re rising and wreaking havoc

How prevalent have identity-related breaches become? A whopping 84% of 500 respondents to a recent survey said their organization has experienced one in the last year. Findings from the study “2022 Trends in Securing Digital Identities” by the Identity Defined Security Alliance (IDSA) include:

  • Identity growth continues, which makes it a security priority.
  • Identity-related attacks are up but can be prevented.
  • Risky behavior drops when executives focus on identity security.

More resources on identity access management:

6 -- Vulnerabilities to have on your radar screen

These vulnerabilities deserve special attention:

  • Flaws in Azure Synapse Analytics

  • 56 insecure-by-design OT vulnerabilities discovered by Forescout

  • Vulnerabilities in Citrix’s Application Delivery Management product

  • POC published for unauthenticated RCE in Zoho ManageEngine ADAudit Plus

Flaws in Azure Synapse Analytics

Cloud security presents special challenges, as exemplified by Tenable’s recent discovery and analysis of two vulnerabilities in Microsoft Azure. The Tenable Research team found the serious flaws in Azure Synapse Analytics, contacted Microsoft and let’s just say the communication wasn’t particularly smooth. “These flaws and our researchers’ interactions with Microsoft demonstrate the difficulties involved in addressing security-related issues in cloud environments,” the Tenable team wrote.

For more details:

You can also read Tenable CEO Amit Yoran’s LinkedIn post “Microsoft’s Vulnerability Practices Put Customers At Risk” and listen to Tenable CSO Robert Huber’s comments on KBI’s KBKast.

Forescout: 56 insecure-by-design OT vulnerabilities

Forescout’s Vedere Labs published its latest research findings into OT vulnerabilities titled “OT:ICEFALL,” including 56 bugs across multiple vendors’ products. “OT:ICEFALL sought to analyze and understand the prevalence and impact of insecure-by-design vulnerabilities in OT products,” wrote Tenable’s Security Response Team.

For more information:

Vulnerabilities in Citrix’s Application Delivery Management product

Citrix disclosed a pair of vulnerabilities in Citrix Application Delivery Management (ADM), a centralized management solution used to monitor a variety of Citrix networking products:

  • CVE-2022-27511, an improper access control vulnerability in Citrix ADM
  • CVE-2022-27512, a vulnerability in Citrix ADM caused by improper control of a resource through its lifetime

For the details, read Tenable’s blog.

POC published for unauthenticated RCE in Zoho ManageEngine ADAudit Plus

The researchers who recently discovered CVE-2022-28219, a now patched vulnerability in Zoho ManageEngine ADAudit Plus, have shared a proof-of-concept (PoC) script that automates the steps to pivot from an XML external entity (XXE) flaw to remote code execution (RCE).

This vulnerability impacts all versions of ADAudit Plus builds below 7060, so organizations should make sure they're running the fixed or later version of ADAudit Plus, which is a compliance tool for monitoring Active Directory.

For more information, read Tenable's blog.

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations in the design, build and runtime phases of your software development lifecycle.

Buy Tenable.cs

Contact a Sales Representative to learn more about Cloud Security and how you can secure every step from code to cloud.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save.

Add Support