Hopefully, the PwnKit vulnerability will be the turning point where security teams stop the vulnerability-centric approach that results in patch whack-a-mole and shift toward focusing on evaluating and validating true risk.
LOLBAS (Living Off the Land Binaries And Scripts) is an attack method that uses binaries and scripts that are already part of the system for malicious purposes. This makes it hard for security teams to distinguish between legitimate and malicious activities, since they are all performed by trusted system utilities. Since LOLBAS are one of...
Pentera’s research team ‘Pentera Labs’ discovered a vulnerability in VMware’s vCenter Server program. The affected VMware software is installed in over 500,000 organizations worldwide and is responsible for managing their most critical systems. The findings were proactively reported to VMware and later released under CVE-2021-22015.
The trope of the burglar comparison in cybersecurity is more than overused. But when we talk about the damage of a break-in, it’s not just picking the lock that’s the problem; we worry about what they’ll steal, what they’ll destroy, even what they’ll plant (yes, I have an active imagination). What seals the deal on a good heist is always the inside man: the bank clerk, the janitor, or even the shareholder with gambling problems. It seems that the ransomware groups are catching up.
Inspecting a vulnerability in a silo will not reduce the organization’s true risk, because critical context is missing. To outsmart and outmaneuver the sophisticated adversary, shifting away from siloed approaches (asset management, vulnerability-centric focus, bi-yearly penetration testing, continuous red-teaming, risk-based vulnerability management, and patch management, each run in isolation) is critical to scaling and maturing your security program.
If this question is keeping you up at night, you are certainly not alone. The threat is tangibly real and immediate, with ransomware damages projected to top $20 billion by the end of the year (Cybersecurity Ventures, 2021) and the average cost to recover from a ransomware attack estimated at $1.85 million (Varonis 2021). The stakes have reached a critical point and no organization, no matter how big or small, can hope to escape unscathed without addressing the threat head-on.
There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. Why is that? Well, if you were the attacker, would you go through all the trouble of inventing a new zero-day exploit (just for some street cred), or instead leverage an off-the-shelf one?