Orenda Security LLC

While you work on your security posture, and the changes in your organization requires proper tools to manage your modern attack surface (cloud security application posture management, SASS security posture management and more), we should keep active controls on traditional threats too. "Security measures fail to keep up with rising email attacks" Your security assessments should be tight to your change management process, but should also not forget to review the existing security controls, and make sure they remain relevant and efficient, as the risk context is also evolving. #cybersecurity #emailsecurity #cloudsecurity https://lnkd.in/gDS-pckm

If you don't dig into your online footprint, attackers will do anyways. "DockerSpy: Search for images on Docker Hub, extract sensitive information" DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. Are you pushing container images online ? Are you sure these are not containing sensitive information ? DockerSpy is one of the tools that automates this search. This is showing how critical it is to have a formal release process in your organization, making sure that no sensitive data is pushed with images online. #cybersecurity #docker #containers #orchestration https://lnkd.in/dzrvpz4g

It's always interesting to see threat actors attacks waves that are often geo localized. It could be misleading into thinking that the attack is only happening in one place, as many threat actors do exploit the same vulnerabilities. "Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT" ? What we see here is a specific group focusing on a specific region. ?? Yet, the value for an organization is to know that these tactics and techniques are actively used, and therefore require a bigger focus on the matching vulnerabilities. #cybersecurity #threatintelligence #attacksurface #vulnerabilitymanagement #technology https://lnkd.in/grvqjzPH

Vulnerabilities, threats, risks, non of these are static. Is your security plan static ? "Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)" We picked this new vulnerability as an example, although, you should patch the issue if you use the product, point is, a continuous effort is needed to maintain the security posture. While some key changes are more durable, such as clearing misconfigurations mistakes in workloads and running environments, some other aspects needs more frequent checks. We can help you assess, prioritize and plan to enhance your posture. Security challenges from on prem multi sites, legacy infrastructure up to cloud security posture, at all share responsibility models. Are you in control ? #cybersecurity #cloud #apache #vulnerabilitymanagement #patchmanagement #saas https://lnkd.in/dXPA2U2C

Any of your premises or remote working relying on Zyxel router ? "Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers" Combining threat intelligence, vulnerability management, allows your organization to keep an holistic view of your security posture. The perimeter is more than just your local premises. Ideally, your organization can use the intelligence from threat intel in order to raise awareness toward its team, not only for the formal company owned assets. In fact, with remote work, network security basics matters for remote workers as well, so as they don't become the weak point of your security posture. #cybersecurity #cybersecurityawareness #zyxel #patchmanagement https://lnkd.in/dYMAZSgW

Impersonating a human always grant more access to systems than impersonating a system. This is why criminals always try to get humans identities on systems. "Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities" ? Machines behaviors are predictable, and a baseline is easy to establish in order to detect irregular patterns, and stop them. ? Human behaviors are more erratic, less predictable, and therefore allow attackers to explore longer and deeper the target systems before triggering any abnormal behavior detection in the system. ?? Are you using strong authentication mechanisms ? Are you watching for leaked credentials and sessions ? #cybersecurity #IAM #identitymanagement #accesscontrol #IAM #RBAC etc https://lnkd.in/eiVyWjfr

Threat intelligence help adjusting the posture of your organization against the evolution of cyber threats. "How RansomHub went from zero to 210 victims in six months" This articles brings insights on the TTPs used by the affiliate of this ransomware as a service network. While it helps understanding how cyber crime can quickly scale up, it also helps your organization to adjust its security posture in other to reduce the risks related to these threats. #cybersecurity #threatintelligence https://lnkd.in/dv4zte2d

Threat intelligence helps your organization to stay aware of ongoing threat landscape evolution, and give you an opportunity to optimize your controls so as they remain effective. "BlackByte affiliates use new encryptor and new TTPs" ? Attackers use stolen credentials to get remote access to organization's infrastructure ? They then use vulnerabilities to bypass authentication on internal management consoles etc. ?? Are you actively maintaining your security posture ? Have you implemented the basics of #cybersecurity, including layered security and overlapping security controls ? #threatintelligence #ttp https://lnkd.in/dnSpEH94

Resilience is one of the goals of a proper #cybersecurity posture for an organization. "Seattle-Tacoma Airport IT systems down due to a cyberattack" ? When working on your security posture analysis, and you are doing your business impact analysis, it allows to assess if your controls are effective ? Security posture must be revised on a regular basis, and ideally, should be tight to your change management process, where each change triggers a security impact analysis (are the controls in place impacted by the change) ? Finally, the CIA triad comes with "Availability", this means that effective controls should be in place to ensure business continuity and avoid availability issues, or at least, above a defined threshold, falling under your business acceptable risk level #riskmanagement #security #technology #resilience #business https://lnkd.in/eGrEgTxu

We all work together toward risk reduction. "Focus on What Matters Most: Exposure Management and Your Attack Surface" Which if your systems are exposed ? What's the technical scope of your attack surface ? Do you have effective controls in place for risk reduction ? That's the kind of point security assessments help working on. Either on premises, or in the cloud, your exposure requires proper analysis. Have you had a third party checking your infrastructure with a fresh look ? Sometimes it helps identifying key points that escaped the vigilance. #cybersecurity #securityassessment #technology #cloud #computing #networking #security https://lnkd.in/eifW4xKA