Adaptive Shield Showcases New ITDR Platform for SaaS at Black Hat USA
Las Vegas, Nevada, 30th July 2024, CyberNewsWire
The post Adaptive Shield Showcases New ITDR Platform for SaaS at Black Hat USA appeared first on Security Boulevard.
New and updated coverage for ransomware and malware variants, including AI Threat Scenario, GuLoader, DarkGate, MirrorBlast, & Kutaki Stealer
The post Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker’s Playbook Threat Coverage Round-up: July 2024 appeared first on SafeBreach.
The post Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker’s Playbook Threat Coverage Round-up: July 2024 appeared first on Security Boulevard.
There is a trend emerging for anyone launching a consumer business. Almost every business these days does two things: the first is to create an app and the second is to publish an API.
The post The Rise of Unofficial Apps in Delivery, Automotive, and E-Commerce appeared first on Security Boulevard.
Learn more about how organizations can use open source software to innovate while minimizing risk.
The post Next-Gen Vulnerability Assessment: AWS Bedrock Claude in CVE Data Classification appeared first on Security Boulevard.
What does Agile have to do with improving security? A lot! Explore highlights from Agile2024, including technical health, productive meetings, and addressing shadow IT.
The post Agile2024: Making Sure Security Is Part Of Our Processes appeared first on Security Boulevard.
Fortanix today extended the reach of its ability to discover encryption keys to on-premises IT environments to enable organizations to more comprehensively manage risks.
The post Fortanix Extends Encryption Key Discovery to On-Premises IT Platforms appeared first on Security Boulevard.
Discover, a new feature available to all DataDome customers, enables organizations to identify blind spots and shrink attack surfaces against malicious bots and fraudsters.
The post Uncover Your Attack Surface with Discover from DataDome appeared first on Security Boulevard.
For IDTR solutions, addressing compromised credentials head-on is crucial to protecting end users' environments.
The post Enzoic Dark Web Data Integration with IDTR Solutions appeared first on Security Boulevard.
Auto manufacturers are just starting to realize the problems of supporting the software in older models:
Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them.
That might not cut it in the auto world, where the average age of cars on US roads is only going up. A recent report found that cars and trucks just reached a new record average age of 12.6 years, up two months from 2023. That means the car software hitting the road today needs to work—and maybe even improve—beyond 2036. The average length of smartphone ownership is just ...
The post Providing Security Updates to Automobile Software appeared first on Security Boulevard.
OCI Customers Can Now Externally Manage Encryption Keys from a Cloud-Based Service
madhav
Tue, 07/30/2024 - 10:20
Oracle stands apart by offering a comprehensive suite of services across all its cloud delivery models, from Oracle Alloy and Dedicated Region Cloud@Customer to its standard Public Cloud service. Regardless of the means of delivery or usage, security and regulatory compliance are significant hindrances to cloud adoption. These concerns are particularly pressing for large enterprise clients that have traditionally relied on Oracle's database expertise to safeguard their most sensitive data. The pivotal Thales and Oracle external key management partnership directly addresses the challenge of securely storing data in the cloud in a manner that instills trust in large enterprises.
Continuing in its efforts to innovate for Oracle customers, we at Thales are excited to announce that organizations can now use Thales’ CipherTrust Data Security Platform as a Service (CDSPaaS) with Oracle Cloud Infrastructure (OCI) Vault’s External Key Management Service (EKMS) for full Hold Your Own Key (HYOK) encryption key management. Now customers can be in full control of their OCI keys without having to deploy hardware in their own data center as well as meet their data sovereignty needs.
Overview of CipherTrust Data Security Platform as-a-Service
Until this announcement, businesses have had the option to externally manage their OCI encryption keys by using Thales’ CipherTrust Cloud Key Management (CCKM) as either a physical appliance or a virtual machine, sometimes arrayed in a hybrid or multi-cloud architecture. Now, with OCI Vault EKMS support available on the CipherTrust Data Security Platform-as-a-Service (CDSPaaS), Thales adds a cloud-based service offering to the mix. Customers should have the choice of how and where they store their encryption keys, and now they can do just that fully with Thales’ CipherTrust Data Security Platform.
The same underlying CCKM technology from our appliances underpins CDSPaaS. CCKM centralizes the management and storage of cloud encryption keys from a broad array of Cloud Service Provider (CSP) vendors, including Oracle Cloud Infrastructure, as organizations migrate their sensitive data to the cloud. With a single-pane-of-glass view across regions, the CCKM functionality on CDSPaaS consolidates Bring Your Own Key (BYOK) and Hold Your Own Key (HYOK) use cases for customers in one straightforward interface to drive greater efficiency and more easily comply with data protection mandates, such as GDPR, Schrems II and the Data Privacy Framework (DPF).
CDSPaaS for OCI Vault EKMS is available to customers via Thales’ Data Protection on Demand (DPoD) Marketplace, a cloud-based online marketplace providing a wide range of cloud HSM (Hardware Security Module), key management and encryption services. FIPS 140-2 Level 3 certified Luna Cloud HSMs hosted in Thales’ DPoD data centers secure the keys for each CDSPaaS subscription. The service automatically scales to meet the demands placed on it, so customers enjoy the high availability and resilience customary to the cloud. With a 30-day free trial, you can test it now.
Benefits of the Service
Enterprises should have the tools to control their data however they see fit. Working with Oracle, we are excited to make this aspiration a reality. Some of the world’s most sensitive data resides in Oracle databases. Together with Oracle, we are making OCI not only possible, but convenient, for these customers and their most important data.
Try A Free Trial
CipherTrust Data Security Platform-as-a-Service is available now, and businesses can sign up for a 30-day free trial through the Thales Data Protection on Demand (DPoD) Marketplace by following these three easy steps:
1) Sign up for a DPoD Marketplace account.
2) Select the CDSP (CipherTrust Data Security Platform) service on the DPoD Marketplace and fill in the requested information.
3) Log in and get started with no commitments.
To learn more read the product brief or contact one of our experts here.
Data Security, Cloud Security, Encryption, Compliance
Alex Hanway | Director of Business Development
The post OCI Customers Can Now Externally Manage Encryption Keys from a Cloud-Based Service appeared first on Security Boulevard.
The most complete and up-to-date crawler list, including the most common ones and the top SEO and tool crawlers.
The post The Complete 2024 Crawler List You Need to Identify All Web Crawlers appeared first on Security Boulevard.
Cloudflare, best known for its content delivery network (CDN), is marketed as a “Connectivity Cloud”. Part of its offering is protecting a vast number of websites from DDoS attacks [1]. However, its attitude to abuse management and prevention proves a point of contention and we urge Cloudflare to review its anti-abuse policies.
The post Too big to care? – Our disappointment with Cloudflare’s anti-abuse posture appeared first on Security Boulevard.
Two vulnerabilities were discovered in OpenVPN, a virtual private network software package, which could keep a closing session active or result in denial of service. Canonical released security updates to address these vulnerabilities in affected Ubuntu releases. These include Ubuntu 24.04 LTS, Ubuntu 23.10, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS. Let’s look at the details […]
The post Ubuntu Fixes Two OpenVPN Vulnerabilities appeared first on TuxCare.
The post Ubuntu Fixes Two OpenVPN Vulnerabilities appeared first on Security Boulevard.
A report published today by Zscaler finds an 18% increase in ransomware attacks, including one that involved a record $75 million payment that appears to have been made to the Dark Angels ransomware group.
The post Report: An 18% Increase in Ransomware Attacks Includes $75M Payment appeared first on Security Boulevard.
Cisco has recently released patches for a maximum-severity security flaw. As per recent reports, the Cisco security patches address a flaw within Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem). In this article, we’ll dive into the details of the vulnerability and learn what could happen if the flaw were to be exploited […]
The post Cisco Security Patches: Max Severity Security Flaw Fixed appeared first on TuxCare.
The post Cisco Security Patches: Max Severity Security Flaw Fixed appeared first on Security Boulevard.
All Java builds that pass the TCK suite of tests, even free distributions of OpenJDK, are compliant with Java SE standards and safe to use.
The post Are Free Distributions of OpenJDK Safe to Use? appeared first on Azul | Better Java Performance, Superior Java Support.
The post Are Free Distributions of OpenJDK Safe to Use? appeared first on Security Boulevard.
--
A Security Operations (#SecOps) and Engineering Commentary from industry insider Rohan Bafna, SecOps Engineer.
Third-party connectors through an Application Programming Interface (API) and other means remain essential for cloud expansion and functionality. As more organizations transform their businesses by moving their operations and applications to the cloud, there is a greater need for third-party integration to cloud infrastructures, security architectures, and applications.
As the world and the technology industry continue to decode the effects of the CrowdStrike and Microsoft outage, the risk of human error in configuring third-party connections and native integrations will always exist. Even with AI-assisted automated programming and machine learning, mistakes in design, testing, and configuration will happen.
That is the risk.
The cloud and its various forms of consumption have become too complex for one sole company or infrastructure to meet all the customers’ needs, manage all the different digital ecosystems, and provide comprehensive cybersecurity prevention strategies.
Security companies Cisco, CrowdStrike, and IBM develop cybersecurity products and services to integrate into Amazon Web Services, Google Cloud, and Microsoft Azure. By partnering with third-party connector developers, these cloud providers can speed up their time-to-market offerings.
That, ultimately, is the reward.
How Vulnerable Are APIs?
APIs are essential in software applications, but they are at risk because of misconfiguration, lack of security measures, or lack of awareness. These weaknesses can give attackers unauthorized access to sensitive data or systems.
API testing is a necessary process that benefits developers, testers, and end-users. During early testing in the SDLC, developers can test APIs before the user interface is ready, allowing them to identify and resolve bugs at the server level before they appear in the UI layer. This testing helps prevent these issues from escalating.
Additionally, API testing enables testers to send requests that the UI would never produce, which can expose security vulnerabilities the UI alone would hide. API testing is critical for catching bugs early to avoid delays in product releases.
UI Testing
UI testing is essential to confirm that the API functions appropriately within the application’s user interface. This testing guarantees that the UI accurately displays the API’s outcomes and that the API appropriately manages the UI’s inputs.
API Hacking
API hacking involves exploiting vulnerabilities in an API for security testing. Attackers can target API endpoints to gain data access, disrupt services, or take control of the system. Ethical hackers practice by attacking intentionally vulnerable APIs downloaded from the Internet. They can then test the organization’s APIs to identify weaknesses and assess resilience.
How to Protect APIs From Various Attacks?
API vulnerabilities are weaknesses in API security that attackers can exploit. They can lead to data breaches, unauthorized access, and system crashes.
Stopping Excessive Data Exposure
Excessive Data Exposure happens when an API mistakenly discloses more data than required, which could aid potential attackers in future attacks.
To address this vulnerability, developers should include only essential data in their API responses. Engineers should enforce this by filtering response fields explicitly and controlling the quantity of data sent in each API response.
Rate Limiting
Without rate limiting, an API can be overwhelmed with more requests than it can serve, making it vulnerable to DoS attacks.
Limiting the requests can protect against such attacks. To prevent DoS attacks, set a maximum number of requests per client in a given timeframe.
Insecure Direct Object Reference (IDOR)
An IDOR vulnerability lets attackers manipulate object references to gain access to data they are not authorized to see.
To mitigate this vulnerability, developers should avoid exposing direct references to internal objects in their APIs. Instead, they should use indirect references to increase the difficulty for potential attackers seeking to manipulate the references and obtain unauthorized access, and every lookup should still verify that the caller is authorized for the referenced object.
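The three controls described above (response filtering against excessive data exposure, a per-client rate limit, and indirect object references with an ownership check for IDOR) are shown together below as an added example. This is not code from the article or from any product it mentions; the record shapes, the sample users and orders, and the session identifiers are constructed for illustration, and the functions are plain Python so they can be exercised without a web framework.

```python
import secrets
import time
from collections import deque
from typing import Optional

# --- 1. Excessive data exposure: deny by default, return an allowlisted view ---
# Constructed sample record. The password hash and tax id must never leave the
# server, so the allowlist below names exactly the fields a response may carry.
USERS = {
    1: {"id": 1, "display_name": "alice", "joined": "2023-05-01",
        "password_hash": "$2b$12$constructed-hash", "tax_id": "000-00-0000"},
}
PUBLIC_USER_FIELDS = ("id", "display_name", "joined")


def public_view(record: dict) -> dict:
    """Project a record onto the allowlisted fields; unknown fields are dropped."""
    return {k: record[k] for k in PUBLIC_USER_FIELDS if k in record}


# --- 2. Rate limiting: sliding-window counter per client ----------------------
class RateLimiter:
    """Allow at most `limit` requests per `window` seconds for each client key."""

    def __init__(self, limit: int, window: float):
        self.limit, self.window = limit, window
        self._hits: dict = {}

    def allow(self, client: str, now: Optional[float] = None) -> bool:
        now = time.monotonic() if now is None else now
        q = self._hits.setdefault(client, deque())
        while q and now - q[0] >= self.window:   # expire hits outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False                          # caller should answer HTTP 429
        q.append(now)
        return True


# --- 3. IDOR: opaque, session-scoped references plus an ownership check -------
class ReferenceMap:
    """Hand out random tokens in place of internal ids, bound to the issuing session."""

    def __init__(self):
        self._refs: dict = {}

    def to_ref(self, session_id: str, internal_id: int) -> str:
        token = secrets.token_urlsafe(16)
        self._refs[(session_id, token)] = internal_id
        return token

    def resolve(self, session_id: str, token: str) -> Optional[int]:
        # A token issued to one session resolves to nothing for any other session.
        return self._refs.get((session_id, token))


# Constructed sample orders; `owner` is the user id that may read the order.
ORDERS = {
    42: {"id": 42, "owner": 1, "total": "19.99"},
    43: {"id": 43, "owner": 2, "total": "5.00"},
}


def get_order(refs: ReferenceMap, session_id: str, user_id: int, token: str) -> Optional[dict]:
    """Resolve an opaque reference, then enforce ownership before returning data."""
    internal_id = refs.resolve(session_id, token)
    if internal_id is None:
        return None
    order = ORDERS.get(internal_id)
    if order is None or order["owner"] != user_id:   # indirection alone is not authz
        return None
    return {"id": order["id"], "total": order["total"]}


if __name__ == "__main__":
    print(public_view(USERS[1]))
    limiter = RateLimiter(limit=3, window=60)
    print([limiter.allow("203.0.113.7", now=t) for t in (0, 1, 2, 3, 61)])
    refs = ReferenceMap()
    tok = refs.to_ref("sess-alice", 42)
    print(get_order(refs, "sess-alice", 1, tok), get_order(refs, "sess-bob", 2, tok))
```

The ownership check in `get_order` is the part that actually closes the IDOR hole: an opaque token stops a caller from guessing neighbouring ids, but only the comparison against `order["owner"]` stops a caller who legitimately obtained a token from using it in a context it was not issued for.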
Importance of Third-Party API Connectors in Cloud Environments
A well-designed API connection involves a three-layer architecture with system, process, and experience APIs. Adding layers of APIs can cause latency issues, especially with large data payloads. Keeping latency in check in an API-led system requires dedicated IT resources.
Integration applications use connectors to link with systems through an API integration process, which simplifies the work for creators because no direct programming is needed. APIs enhance data transfer within systems by being integral parts of those systems.
APIs are crucial for modernizing systems and integrating applications, helping teams meet digital transformation goals for business and customer satisfaction.
Risks Associated with Third-Party API Connectors
Third-party APIs benefit users and can seamlessly integrate with business SaaS applications and cloud platforms. However, a notable issue arises when these apps and their providers access company data without adequate security.
Third-party APIs connecting to SaaS-to-SaaS platforms pose a supply chain risk. Providers’ weak security practices can put data at risk even with the enablement of known security protocols. Security teams need control over permissions for these apps, especially those with real-time integration risks and dependencies on third-party developers.
APIs become integrated into the various cloud-based applications and infrastructures and become part of the attack surface. Hackers look for third-party API connectors, expecting most of them to be vulnerable.
Similar to operational technology (OT) and industrial control systems (ICS), developers and security operations people often do not patch or update an API once it is deployed. This decision often leads to cyberattacks against API connectors, as attackers can scan websites and cloud instances looking for these connectors.
Custom-built API integrations often carry integration security gaps. These gaps can lead to authorization problems, security misconfiguration, and insufficient logging. Without security reviews and data governance controls, the risk of security issues increases.
The Need for Continuous Assessment and Real-time Monitoring of Third-Party API Connectors
Continuous security monitoring is a system that checks for security issues and alerts you when there is a problem. Specifically for APIs and other third-party connectors, ensuring the connectors have not been compromised is critical for all parties relying on them.
Another critical task for developers is to perform assessments against APIs to validate and check for exposed vulnerabilities that require immediate remediation. Developers use Dynamic Application Security Testing (DAST) tools to test APIs and web applications. These tools become embedded within the DevOps and CI/CD development process.
The Future of SecOps and Third-Party Connections
Cyberattacks are a common threat in today’s world. Small businesses are not exempt from these attacks. Cybercriminals often target them because they lack the resources to recover quickly from security incidents. This targeting can cause data breaches, financial losses, and damage to their reputation.
Organizations must invest in security operations (SecOps) as more systems depend on the cloud, APIs, and third-party connectors. The complex world of interconnections between applications, cloud instances, legacy on-premise systems, and SaaS-based offerings will continue expanding the vulnerable attack surface.
Securing third-party APIs is essential for meeting GDPR and HIPAA regulations, preventing potential penalties from regulatory agencies.
Numerous organizations are required to meet security standards, such as ISO 27001. Implementing these frameworks can help establish a secure system and showcase dedication to security with clients. Ongoing monitoring is often necessary to comply with security standards like SOC 2 and ISO 27001.
Final Thoughts
The more interconnected we have become, the more likely we are to see security incidents like the CrowdStrike and Microsoft outage. SecOps will continue to be critical in monitoring databases, APIs, cloud instances, user access, and ecosystem connections through the various supply chain portals and hosted systems.
Monitoring, reporting, and automation of API remediation will continue to gain momentum heading into 2025.
Small businesses require a well-thought-out strategy to improve the security of their web applications and APIs. Investing in SecOps, either in-house or with a managed security service provider (MSSP), is essential for monitoring APIs and providing incident response functions.
About Rohan Bafna
Rohan is a WeWORK Incident Response and Threat Detection director based in New York City. He holds a master’s in computer science from Rochester Institute of Technology and an undergraduate degree from Thadomal Shahani Engineering College in Mumbai, India.
Rohan’s experience in security operations automation extends well into enabling artificial intelligence and machine learning and developing next-generation security orchestration, automation and response (SOAR) functions. Along with mastering SecOps automation, Rohan mentors many first-year engineers interested in learning more about modern security engineering, including deploying Cisco/Splunk for observability and better automated notifications.
Rohan can be reached at [email protected] and on LinkedIn at https://www.linkedin.com/in/rohan-bafna-0911807b/.
The post Risk and Reward of APIs and Third-Party Connectors in the Cloud appeared first on Security Boulevard.
API Security Anywhere Self-Managed Option
Imperva continues to deliver solutions that help customers protect their applications and APIs, whether in the cloud, on-premises, or in a hybrid environment. Imperva API Security includes a SaaS-based and an on-premises solution, both managed in the Imperva Cloud Management Console. Imperva is further expanding the management options for its […]
The post Deploy API Security On-Premises with New Imperva API Security Anywhere Self-Managed Option appeared first on Blog.
The post Deploy API Security On-Premises with New Imperva API Security Anywhere Self-Managed Option appeared first on Security Boulevard.
In November 2009, as coach of a youth baseball team, I received a Google Sheet with the names, birthdays, contact information, and team names for about 30 kids born between 1997 and 2000. More than 14 years later, I still have access to that document. Today, those players are in their early to mid-twenties. Presumably, […]
The post Detecting Externally Facing Resources appeared first on Adaptive Shield.
The post Detecting Externally Facing Resources appeared first on Security Boulevard.
Ostrich Cyber-Risk announces its inclusion in the 2024 Gartner® Hype Cycle™ for Cyber-Risk Management as a Sample Vendor for Cyber-Risk Quantification (CRQ), earning a "High" benefit rating. This recognition underscores Ostrich's commitment to continuous innovation and leadership in the cyber risk management space.
The post Ostrich Cyber-Risk Recognized in 2024 Gartner® Hype Cycle™ for Cyber-Risk Management appeared first on Security Boulevard.