Orenda Security LLC

An interesting take from threat actors, as they use an actual security solution driver to shutdown other security solutions on systems. "Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections" ?? According to the article, the initial access is unknown, so the payload delivery is not clear yet. ?? Hopefully you do have layered security in place, with overlapping security controls in order to detect unwanted behavior and payloads in your systems. #cybersecurity #threatintellingence #technology https://lnkd.in/gFsJ5tes

Whether developed in-house, or from third party, your deployed online applications should follow proper security review. ? Cross-Site Scripting Is 2024's Most Dangerous Software Weakness ? MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to invest in secure code ? Cross-Site Scripting allows attackers to run their malicious scripts on your online applications, making it look like they belong to your organization. #cybersecurity #xss https://lnkd.in/ekTKFA42

Technical security controls are just a part of your resilience plan. "Don’t Hold Down The Ctrl Key—New Warning As Cyber Attacks Confirmed" ? As threat actors focus on creative ways to bypass your organization's security, you must ensure you keep your staff aligned with the best behavior in such situations. ?? Best practices, security controls and policies are a great baseline, but keeping your teams aware is also a key element, with #cybersecurity awareness training ? Wherever you are in your security journey, we can support your continuous enhancement efforts, from validating your existing posture, to support your organization maintaining an acceptable risk posture over time. #rismanagement #cybersecurityawareness https://lnkd.in/esm-GNXs

A proper security posture is a continuous work, it needs regular assessments, a proper integration in change management, and timely security updates "Palo Alto Networks Patches Critical Zero-Day Firewall Bug" ? Expedition firewall appliance's PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November ? This did lead to advise customers to update immediately or and take them off the Internet. ?? Depending on the risk and exposure, timely can mean immediately. Have you considered maintaining a layered security approach ? #cybersecurity #paloalto #pan #panos https://lnkd.in/eiS2b8NN

Threat intelligence helps organizations to assess the risks they face. The vertical in which the business is working, is a key factor in regards to cyber risks. "Moody’s Cyber Heat Map flags extreme cyber risks for critical infrastructure, impacting telecommunications and airlines" Organizations in such verticals could use such intel to adjust their security posture and adjust their risk evaluation accordingly. #cybersecurity #threatintelligence #riskmanagement https://lnkd.in/eiNhDHjX

?? The third party risk assessment task is a critical one, as it helps your organization assess the impact of third parties on your attack surface. ?? "OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution" ?? When such situation appear, if you have a proper and formal third party risk management process, you'll quickly identify and tackle the potential impact of such situation. ? It's also a good opportunity to ensure this actually risk is identified and that you have security controls that compensate this risk (such as network segmentation, and any other overlapping control aiming at reducing the impact of such situation) #cybersecurity #IoT #cloud https://lnkd.in/gx89GfbY

Organization's security scope is often wider than expected. "New Android Malware SpyAgent Taking Screenshots Of User’s Devices" ?? Security purpose is to achieve information security, and ensure safety in organizations ? Once security controls are compensating risks as expected, information governance can take place ?? Yet, organization's environment are dynamic, and security should be embedded in the change management process, ensuring continuous alignment with the operational reality. ?? Smart phone handling organization's data are fully part of the attack surface, and should be included in the security strategy, in order to maintain a proper security posture. #cybersecurity #governance #android https://lnkd.in/ea872rJf

Back to the basics on this Friday, with a reminder about backups ! "Mastering the 3-2-1 Backup Approach: What It Is and Why It Works" ?? Security is critical, and backups are a mandatory corrective control, in order to recover when things turn bad ?? Nowadays, most organizations employ cloud based services, for operations, and backups. When going with the cloud backup option, many factors and options should be considered, with 2 key elements : - Encryption, to protect confidentiality of backups - Immutable backups, to ensure that integrity is protected from A to Z ? Obviously, backups should be tested, on a regular basis, like your security posture should be continuously assessed. Ideally, you'd have a certified partner, supporting your organization to achieve your goals in a formal way. #cybersecurity #backups #resilience https://lnkd.in/e_gXEYDE

Have you properly deployed security controls to avoid lateral moves ? "Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems" ? Low hanging fruits (unpatched vulnerabilities, misconfigurations etc) are always the source of initial access from criminal hackers. ? If you have proper effective controls, detection, and response, attackers should be stopped after the first mistake, allowing you to quickly adjust your posture. ? If not, following step is the lateral move, toward any accessible targets, but ideally, operation technology, where the biggest lever can be pulled against your organisation. #cybersecurity #ICS #ot #industrialsystems https://lnkd.in/gyCMP6u4

Holiday season is ahead, and some threat trends comes early (thankfully), allowing your organization to ensure proper controls and compensation measures are in place. "Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)" ? The threats obviously change depending on your vertical and core activities ? Your digital architecture should be aligned with your risk strategy, meaning that critical workload went through stronger scrutiny, and have more resilience by design. ? Lately, if you just wrapped your posture adjustment, it's a great time to call for an assessment, as you still have time to adjust key elements you may not have covered. Reach out, very often, knowing what you have, and asking the right questions will lead to a positive outcome. #cybersecurity #preparedness #resilience #cloud https://lnkd.in/ervGjqkB