Aggregator
Multi-Cloud Adoption Surges Amid Rising Security Concerns
5 Things Government Agencies Need to Know About Zero Trust
Zero trust as a concept is simple to grasp. Implementing a zero trust architecture, on the other hand, is complex because it involves addressing a unique mix of process, procedure, technology and user education. Here are some considerations to keep in mind as you begin your journey.
Draft guidance on implementing a zero trust architecture, released by the National Institute of Standards and Technology (NIST) on Dec. 4, 2024, gives government agencies and private sector organizations a solid blueprint to follow. There are a number of additional considerations to keep in mind as you begin your journey.
First and foremost, zero trust is an alternative way of thinking about information security that treats trust as a vulnerability. It removes trust entirely from digital systems and is built upon the idea that security must become ubiquitous throughout the infrastructure. The concepts of zero trust are simple:
- All resources are accessed in a secure manner, regardless of location.
- Access control is on a "need-to-know" basis and is strictly enforced.
- All traffic is inspected and logged.
- The network is designed from the inside out.
- The network is designed to verify everything and trust nothing.
A zero trust architecture can be implemented using commercial off-the-shelf technology. It's built upon current cybersecurity best practices and dovetails with a robust exposure management program. In fact, exposure management and zero trust go hand-in-hand.
5 things to keep in mind about zero trust
Here are five considerations as you begin your zero trust journey:
- Zero trust is a strategy, not a SKU. In most organizations, it can be implemented using existing off-the-shelf cybersecurity products. There is no single zero trust product your organization can purchase and plug in to transform your risk posture overnight.
- Zero trust requires a foundation of strong exposure management. As the National Institute of Standards and Technology (NIST) guidelines make clear, you can't build a zero trust strategy without first having accurate visibility into all of the organization's assets — including IT, cloud, operational technology (OT) and internet of things (IoT). An exposure management program can provide you with that level of visibility as well as the ability to act on findings in real time.
- User profiles matter more than ever. A zero trust strategy requires you to continuously monitor all users all the time. Identity and access management capabilities such as Entra ID and Active Directory, which are used to manage user profiles and privileges, must be continuously monitored and kept up to date.
- No one is trusted — no exceptions. This may not please senior leaders, who can sometimes behave as if the rules don't apply to them. Brushing up on your diplomatic skills is advised. Ultimately, though, a zero trust architecture can be implemented without creating significant friction for end users.
- Zero trust requires thoughtful communication. There are people throughout the organization who have built their careers on the legacy cybersecurity principles of moat-and-castle and trust-but-verify. They may be threatened or feel that their jobs are in jeopardy if they aren't engaged in the zero trust buildout from day one.
Zero trust as a concept is simple to grasp. What makes zero trust complex to implement are the same factors that make any cybersecurity strategy complex: the unique mix of processes, procedures and technology found in your IT infrastructure, as well as the need for significant user education. It's best to start small and roll out from there, rather than trying to boil the ocean.
For cybersecurity leaders in government agencies, preparing for a zero trust architecture is less an exercise in evaluating technologies and more an exercise in strategic thinking, requiring you to answer fundamental questions such as:
- What is your agency’s core mission or value proposition?
- What are the workflows required to fulfill that mission?
- Who owns those workflows?
- How does data flow in the organization?
- Which are your high-value assets, the so-called "keys to the kingdom"?
- How does the organization determine who is granted access to these high-value assets?
- How often does the organization audit user permissions once they are set?
- What building blocks do you already have in place to support a zero trust strategy?
Answering these questions requires full visibility and continuous monitoring of your entire attack surface, including IT, internet of things (IoT) and operational technology (OT) assets, and the ability to assess the criticality of each asset to deliver on your organization's core mission. No zero trust journey can begin without first addressing these fundamentals of exposure management.
How zero trust and exposure management go hand-in-hand
Exposure management transcends the limitations of siloed security programs. Built on the foundations of risk-based vulnerability management, exposure management takes a broader view across your modern attack surface, applying both technical and business context to more precisely identify and more accurately communicate cyber risk, enabling better business outcomes.
An exposure management program combines technologies such as vulnerability management, web application security, cloud security, identity security, attack path analysis and patch management to help an organization understand the full breadth and depth of its exposures and take the actions needed to reduce them through remediation and incident response workflows. Exposure management gives security teams a full, dynamic and accurate picture of the attack surface at any point in time, aiding in the implementation of zero trust policies and architecture.
Learn more
- Download the Gartner report How to Grow Vulnerability Management into Exposure Management
- Read the blogs Tenable and the Path to Zero Trust and Making Zero Trust Architecture Achievable
- View the updated draft Guidance for Implementing a Zero Trust Architecture, released by NIST on Dec. 4, 2024
Hackers Exploiting Fortinet Zero-day Vulnerability In Wild To Gain Super-Admin Privileges
A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products is being actively exploited by hackers to gain super-admin privileges on affected devices. The authentication bypass flaw, tracked as CVE-2024-55591, allows remote attackers to execute unauthorized code or commands via crafted requests to the Node.js websocket module. Fortinet confirmed the exploitation of this vulnerability in […]
The post Hackers Exploiting Fortinet Zero-day Vulnerability In Wild To Gain Super-Admin Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2024-5198 | OpenVPN ovpn-dco/GUI on Windows null pointer dereference
CVE-2024-11029 | Red Hat Enterprise Linux 9 FreeIPA API Audit exposure of sensitive system information to an unauthorized control sphere
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
It's Time to Redefine Obesity
Critical SAP NetWeaver Flaws Let Hackers Gain System Access
SAP has released its January 2025 Security Patch Day updates, addressing 14 new vulnerabilities, including two critical flaws in SAP NetWeaver that could allow attackers to gain unauthorized access to affected systems. The most severe vulnerability, CVE-2025-0070, is an improper authentication issue in SAP NetWeaver ABAP Server and ABAP Platform. With a CVSS score of […]
The post Critical SAP NetWeaver Flaws Let Hackers Gain System Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Prolonged Self-Control Increases Sleep-Like Brain Activity
Google Cloud Discovers Critical Threat of Compromise for All UNIX Systems
Akamai’s Tailored Approach to Net Zero
Illicit Crypto-Inflows Set to Top $51bn in a Year
CVE-2025-0492 | D-Link DIR-823X 240126/240802 FUN_00412244 null pointer dereference
Microsoft January 2025 Patch Tuesday Comes with Fix for 159 Vulnerabilities
Microsoft’s January 2025 Patch Tuesday has arrived with a significant security update, addressing a total of 159 vulnerabilities. This marks the largest number of CVEs addressed in a single month since at least 2017, more than doubling the usual amount fixed in January. Out of the 159 CVEs, 11 are classified as critical security flaws. […]
The post Microsoft January 2025 Patch Tuesday Comes with Fix for 159 Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.