
Tenable Blog


Cybersecurity Snapshot: 6 Things That Matter Right Now

Topics that are top of mind for the week ending Aug. 5 | Don’t take your eye off the Log4j ball. The dangers of unsupported software. Why low MFA adoption is everyone’s problem. Preventing ransomware attacks. And much more!

1. Log4j: It’s a marathon, not a sprint

Like an insufferable houseguest who overstays his welcome, the cataclysmic Log4j vulnerability will be around for a long time – possibly as much as a decade after its earth-shaking discovery in December of last year.

That’s the bad news the Cybersecurity and Infrastructure Security Agency’s Cyber Safety Review Board delivered in a recent report. So let’s cut straight to CISA’s recommendations for staying safe, which include:

  • Continue to address Log4j risks through persistent, long-term vigilance, so that you can monitor, discover and upgrade vulnerable software and prevent reintroduction of vulnerable Log4j versions.
  • Drive best practices for security hygiene, such as automated vulnerability management, asset inventorying and vulnerability mitigation, as well as secure software development practices.
  • Build a better software ecosystem that yields software that’s secure by design, which can be achieved by: 
    • encouraging open source developers to participate in community-based security initiatives
    • training developers in secure software development
    • improving the capabilities and adoption of tools for creating software bills of materials (SBOMs)

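The "prevent reintroduction of vulnerable Log4j versions" and SBOM points above describe a check that can run on every build. What follows is an added example (not CISA's, the CSRB's or Tenable's code) that walks a CycloneDX JSON SBOM and flags log4j-core components below a policy floor, plus the end-of-life Log4j 1.x artifact. The version floors are policy inputs assumed for the example, and the sample SBOM is constructed inline. It goes one step beyond the text by keeping separate floors for the 2.3.x and 2.12.x maintenance branches, because Log4j 2 shipped its fixes on those branches for older JDKs and a single global threshold would wrongly flag a patched backport.

```python
"""Flag Log4j components in a CycloneDX JSON SBOM that fall below policy.

Added example for this roundup (not CISA, CSRB or Tenable code). It assumes
the CycloneDX JSON layout: a top-level "components" list whose entries carry
"group"/"name"/"version" or a Maven "purl", optionally with nested
"components". Version floors below are policy inputs assumed for the
example; adopt the ones your vulnerability management process has approved.
"""
import json
import re
import sys
from typing import Dict, Iterator, List, Optional, Tuple

LOG4J2_GROUP = "org.apache.logging.log4j"
# Only log4j-core carries the runtime lookup code; log4j-api alone does not.
LOG4J2_VULNERABLE_ARTIFACTS = {"log4j-core"}

# Policy floors (assumption for this example). Log4j 2 shipped fixes on
# separate maintenance branches for older JDKs, so one global threshold would
# wrongly flag a patched backport such as the 2.12.x line.
POLICY_MIN_BY_BRANCH: Dict[Tuple[int, ...], str] = {
    (2, 3): "2.3.2",
    (2, 12): "2.12.4",
}
POLICY_MIN_DEFAULT = "2.17.1"

PURL_RE = re.compile(r"^pkg:maven/(?P<group>[^/]+)/(?P<name>[^@/?#]+)@(?P<version>[^?#]+)")


def parse_version(v: str) -> Tuple[int, ...]:
    """'2.17.1' -> (2, 17, 1). Qualifiers after '-' are dropped, so a
    pre-release compares equal to its final release; review those by hand."""
    nums = re.findall(r"\d+", v.split("-")[0])
    return tuple(int(n) for n in nums) or (0,)


def coordinates(component: dict) -> Optional[Tuple[str, str, str]]:
    """Return (group, name, version) from a Maven purl or explicit fields."""
    m = PURL_RE.match(component.get("purl", ""))
    if m:
        return m.group("group"), m.group("name"), m.group("version")
    if all(k in component for k in ("group", "name", "version")):
        return component["group"], component["name"], component["version"]
    return None


def classify(group: str, name: str, version: str) -> Optional[str]:
    """Reason string if the component violates policy, else None."""
    if group == LOG4J2_GROUP and name in LOG4J2_VULNERABLE_ARTIFACTS:
        v = parse_version(version)
        floor = POLICY_MIN_BY_BRANCH.get(v[:2], POLICY_MIN_DEFAULT)
        if v < parse_version(floor):
            return f"{name} {version} is below policy minimum {floor}"
        return None
    if group == "log4j" and name == "log4j":
        # Log4j 1.x is end-of-life: no security fixes are published for it.
        return f"log4j {version} (1.x line) is end-of-life and receives no security updates"
    return None


def walk(components: List[dict]) -> Iterator[dict]:
    """Depth-first over components, including nested ones."""
    for c in components:
        yield c
        yield from walk(c.get("components", []))


def scan_sbom(sbom: dict) -> List[Dict[str, str]]:
    """Return one finding per component that violates the policy above."""
    findings = []
    for comp in walk(sbom.get("components", [])):
        coords = coordinates(comp)
        if coords is None:
            continue
        reason = classify(*coords)
        if reason:
            findings.append({"component": "%s:%s:%s" % coords, "reason": reason})
    return findings


# Constructed sample SBOM for the example; not taken from any real build.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.14.1"},
        {"purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.4?type=jar"},
        {"group": "org.apache.logging.log4j", "name": "log4j-api", "version": "2.14.1"},
        {"group": "log4j", "name": "log4j", "version": "1.2.17"},
        {"group": "com.example", "name": "web-app", "version": "1.0",
         "components": [
             {"group": "org.apache.logging.log4j", "name": "log4j-core", "version": "2.17.1"},
         ]},
    ],
}

if __name__ == "__main__":
    sbom = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_SBOM
    findings = scan_sbom(sbom)
    for f in findings:
        print(f"{f['component']}: {f['reason']}")
    sys.exit(1 if findings else 0)  # non-zero exit fails the build
```

Run it with a path to a CycloneDX JSON file, or with no argument to scan the constructed sample, which yields two findings: the 2.14.1 log4j-core and the 1.2.17 log4j artifact. The nested 2.17.1 copy, the 2.12.4 backport and the log4j-api module pass. Wiring the non-zero exit code into CI is what turns the "prevent reintroduction" recommendation into an enforced gate rather than a periodic scan.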
For more Log4j resources, check out:

2. SMBs slow on the MFA uptake

There’s a multifactor authentication (MFA) problem among small and mid-sized businesses (SMBs) – namely, a troubling lack of awareness and use of this security method, which puts them, their customers and their partners at risk.

A survey by the Cyber Readiness Institute of about 1,400 SMBs in eight countries found, among other things, that:

  • 55% of respondents aren’t very aware of MFA and its benefits
  • 54% don’t implement MFA for their business
  • Only 13% require the use of MFA

If you’re reading this and thinking this isn’t your problem because your business is hip to MFA, think again. How many SMBs are on your trusted third-party vendor and partner list, and have some access to your systems and data? Are they all using MFA?

(Chart from the survey; source: "Global Small Business Multi-Factor Authentication (MFA) Study" from the Cyber Readiness Institute, July 2022)

In a companion guide about MFA, the non-profit group includes these recommendations:

  • Every employee should use MFA for business-operations services, such as email, accounting and HR, across all of their devices.
  • When choosing an MFA tool, pick one that’s easy to use, can be used in the office or remotely, includes employee training and offers around-the-clock support.
  • Prioritize systems and data to be protected.
  • Create awareness about MFA’s importance among employees.

More information:

3. Do you own any of these newly unsupported software products?

When vendors stop supporting a software version or product, it immediately becomes a security risk. In its most recent roundup of recently unsupported software, the Center for Internet Security (CIS) reminds organizations that continuing to use these software assets – operating systems, applications, firmware and the like – puts them at risk in various ways, including:

  • You no longer get updates and patches for it, even if new vulnerabilities are disclosed.
  • You may be subject to regulatory compliance violations.
  • You may experience malfunctions and incur higher support costs.

More information about these risks:

4. Time to prep for the quantum computing threat

They don’t exist yet, but quantum computers that can break existing cryptographic algorithms will be developed. When? No one knows exactly. (The Cloud Security Alliance says in 2030.) But this much is clear: This will put digital systems worldwide at risk, creating a potential data-privacy catastrophe. Efforts to address this problem have been underway for years. 

For example, the U.S. government recently selected the first four “quantum resistant” cryptographic algorithms resulting from a competition launched by the National Institute of Standards and Technology (NIST) in 2016. Four other algorithms are under consideration. The final standardized algorithms aren’t expected before 2024.


While all this plays out, the government has outlined a roadmap with a list of tasks security teams can start to do today – yep, as in “now” – to prepare for the arrival of “post quantum cryptography,” including:

  • Create an inventory of systems and applications that use public-key cryptography. 
  • Create an inventory of the most sensitive and critical data to be secured long-term. 
  • Prioritize systems for transition, by asking questions like:
    • Is this system a “high value” asset for the organization?
    • What is this system protecting?
    • What other systems does it communicate with?
    • Does this system share information externally and to what extent?
    • Does it support critical infrastructure?

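The first roadmap step, an inventory of what uses public-key cryptography, is easiest to start with key material already on disk. Below is an added example (not from the U.S. government roadmap or from Tenable) that parses OpenSSH public keys from authorized_keys or known_hosts style lines into inventory records: key type, algorithm family, modulus size or curve, and whether that family rests on factoring or discrete logarithms, which a cryptographically relevant quantum computer would break. The wire format is the standard OpenSSH one (RFC 4253 length-prefixed strings, RFC 4251 mpints); the sample lines are constructed in the file and are not real keys.

```python
"""Inventory public-key algorithms found in OpenSSH key material.

Added example for the post-quantum inventory step (not from the U.S.
roadmap or Tenable). It parses the OpenSSH public-key wire format (RFC 4253
length-prefixed strings, RFC 4251 mpints) from authorized_keys / known_hosts
style lines and records algorithm family and size, which is what a
"who uses public-key cryptography" inventory needs. Sample lines are
constructed below and are not real keys.
"""
import base64
import struct
from typing import Dict, List, Tuple

# Families whose security rests on factoring or discrete logarithms, which
# Shor's algorithm on a large enough quantum computer would break.
QUANTUM_VULNERABLE_FAMILIES = {"RSA", "DSA", "ECDSA", "EdDSA"}
KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-", "sk-")


def _read_string(blob: bytes, off: int) -> Tuple[bytes, int]:
    """Read one length-prefixed field; raise on a truncated blob."""
    if off + 4 > len(blob):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    end = off + 4 + n
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end


def describe_key(b64: str) -> Dict[str, object]:
    """Decode one base64 key blob into an inventory record."""
    blob = base64.b64decode(b64, validate=True)
    raw_type, off = _read_string(blob, 0)
    ktype = raw_type.decode("ascii")
    base, hardware = ktype, False
    if ktype.startswith("sk-") and ktype.endswith("@openssh.com"):
        base, hardware = ktype[3:-len("@openssh.com")], True  # FIDO-backed key
    rec: Dict[str, object] = {"type": ktype, "hardware_backed": hardware}
    if base == "ssh-rsa":
        _e, off = _read_string(blob, off)        # public exponent
        n_bytes, _ = _read_string(blob, off)     # modulus
        rec.update(family="RSA", bits=int.from_bytes(n_bytes, "big").bit_length())
    elif base == "ssh-dss":
        p_bytes, _ = _read_string(blob, off)     # prime p sets the key size
        rec.update(family="DSA", bits=int.from_bytes(p_bytes, "big").bit_length())
    elif base.startswith("ecdsa-sha2-"):
        curve, _ = _read_string(blob, off)       # curve name follows the type
        rec.update(family="ECDSA", curve=curve.decode("ascii"))
    elif base == "ssh-ed25519":
        rec.update(family="EdDSA", curve="Ed25519")
    else:
        rec.update(family="unknown")
    fam = rec["family"]
    rec["quantum_vulnerable"] = None if fam == "unknown" else fam in QUANTUM_VULNERABLE_FAMILIES
    return rec


def inventory(lines: List[str], source: str) -> List[Dict[str, object]]:
    """Parse authorized_keys/known_hosts style lines into inventory records."""
    records = []
    for lineno, line in enumerate(lines, 1):
        fields = line.strip().split()
        if not fields or fields[0].startswith("#"):
            continue
        # authorized_keys: [options] type base64 [comment]; known_hosts: host type base64
        for i, field in enumerate(fields[:-1]):
            if field.startswith(KEY_TYPE_PREFIXES):
                try:
                    rec = describe_key(fields[i + 1])
                except ValueError as exc:  # bad base64 (binascii.Error) or truncated blob
                    rec = {"type": field, "family": "unparseable", "error": str(exc)}
                rec.update(source=source, line=lineno)
                records.append(rec)
                break
    return records


def summarize(records: List[Dict[str, object]]) -> Dict[str, int]:
    """Count records per algorithm family for the inventory report."""
    counts: Dict[str, int] = {}
    for rec in records:
        counts[str(rec["family"])] = counts.get(str(rec["family"]), 0) + 1
    return counts


def _string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b


def _mpint(n: int) -> bytes:
    # RFC 4251 mpint: minimal big-endian, with a leading 0x00 when the high bit is set
    return _string(n.to_bytes(n.bit_length() // 8 + 1, "big"))


def sample_lines() -> List[str]:
    """Constructed entries (not real keys) in authorized_keys layout."""
    def b64(blob: bytes) -> str:
        return base64.b64encode(blob).decode("ascii")
    rsa = _string(b"ssh-rsa") + _mpint(65537) + _mpint((1 << 2047) | 1)  # 2048-bit modulus shape
    ecdsa = _string(b"ecdsa-sha2-nistp256") + _string(b"nistp256") + _string(b"\x04" + b"\x11" * 64)
    ed25519 = _string(b"ssh-ed25519") + _string(b"\x22" * 32)
    return [
        "# constructed sample, not real keys",
        f"ssh-rsa {b64(rsa)} deploy@build-host",
        f'restrict,from="10.0.0.0/8" ecdsa-sha2-nistp256 {b64(ecdsa)} ops@laptop',
        f"ssh-ed25519 {b64(ed25519)} ci@runner",
        "ssh-rsa not-base64!! broken@entry",
    ]


if __name__ == "__main__":
    recs = inventory(sample_lines(), "authorized_keys")
    for r in recs:
        print(r)
    print("by family:", summarize(recs))
```

Point `inventory()` at the lines of a real authorized_keys or known_hosts file (with the file name as `source`) and aggregate the records across hosts; the per-family counts are the starting point for answering the roadmap's "what is this system protecting" and "what does it communicate with" questions, since every record ties an algorithm to a host and a line. Unparseable entries are kept rather than dropped, because an entry you cannot classify is exactly the one to review.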
More U.S. government and industry resources:

Articles and commentary about this topic:

5. Knowledge is key for defeating ransomware

Ransomware remains a critical problem globally, and understanding this threat is key for successful prevention. That’s why it’s a big focus for Tenable, and for our Security Response Team (SRT) in particular. 


Recent resources from SRT include the white paper “The Ransomware Ecosystem,” as well as blogs about the LAPSUS$ extortion group and about the different ecosystem players and their motivations. You can also check out interviews with SRT research engineers on DarkReading, Enterprise Security Tech, KBI Media and Manufacturing.net.

Tenable recommendations to prevent ransomware attacks include:

  • Use MFA for all accounts within your organization
  • Require the use of strong passwords for accounts
  • Continuously audit permissions for user accounts
  • Identify and patch vulnerable assets in your network in a timely fashion
  • Review and harden Remote Desktop Protocol
  • Strengthen Active Directory security

6. Vulnerabilities, incidents and trends to keep your eye on

  • Tenable Research recently discovered that the Jumpstart environments for Microsoft’s Azure Arc do not properly use logging utilities, leading to potentially sensitive information being logged in plaintext. Microsoft has patched the issue.
  • Oracle addressed 188 CVEs with 349 patches, including 66 critical updates.
  • VMware patched serious vulnerabilities across multiple products including VMware Workspace ONE Access.
