Stay Informed, Stay Safe - The Guardian's November 2024 Issue

Welcome to this month's edition of the NodeZero? Guardian: Horizon3.ai’s cybersecurity newsletter, equipping you with essential cybersecurity news and updates, plus Horizon3.ai content and events.?Let's kick things off with a trivia question!

What does the acronym "MITRE ATT&CK" stand for, and what is its primary purpose?

You'll find the answer at the end of the newsletter!

In the News

CISA Request for Comment on Product Security Bad Practices Guidance

CISA is seeking public comment to inform the development of these Product Security Bad Practices, which enumerate exceptionally risky software development activities. Please visit the?Federal Register?to submit comment by Dec. 16, 2024.

CISA Releases: Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers?

CISA—along with U.S. and international partners—released joint guidance,?Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers. This guide aids?software manufacturers in establishing secure software deployment processes to help ensure software is reliable and safe for customers.?

Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments?

CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious remote desktop protocol (RDP) files.

TSA proposes new cybersecurity rule to bolster US transportation infrastructure resilience?

The US Transportation Security Administration (TSA) has?proposed?a new cybersecurity rule designed to strengthen the resilience of surface transportation infrastructure. Specifically, the rule mandates high-risk operators, including those in the pipeline, railroad, and bus sectors, to implement comprehensive Cyber Risk Management (CRM) programs.

H3 Announcements

November 12, 2024 - Horizon3.ai Launches NodeZero? Kubernetes Pentesting, Empowering Organizations to Protect Critical Infrastructure: This press announcement highlights the release of NodeZero? Kubernetes Pentesting, a powerful new capability available to all NodeZero users.?

October 30, 2024 - Horizon3.ai Named to the 2025 Fortune Cyber 60 for the Second Consecutive Year: This press announcement highlights that Horizon3.ai was honored to announce its second consecutive inclusion in the Fortune Cyber 60, presented by Lightspeed. This recognition underscores the company’s continued innovation and influence.?

Straight from the Source: H3 Content

NodeZero for Kubernetes Fact Sheet?

NodeZero’s Kubernetes Pentesting is the first fully autonomous security solution designed to deploy directly inside Kubernetes clusters. Download the Fact Sheet here.?

Enhancing Vulnerability Management: Integrating Autonomous Penetration Testing?

This blog discusses how to address the challenge of prioritizing exploitability and how to best integrate the NodeZero platform into vulnerability management (VM) programs. This combined approach is revolutionizing VM processes, offering significant advantages over traditional approaches.?

Enhancing Cybersecurity Post-Breach: A Comprehensive Guide?

This white paper outlines seven essential strategies for leveraging the NodeZero? penetration testing platform to evaluate and validate the effectiveness of your Security by Design approach. It provides a detailed breakdown of each strategy, offers recommendations for successful implementation, and highlights the expected outcomes for each method.?

NodeZero Attack Content?

New Attack Content?

• Added CVE-2024-8956 against PTZOptics cameras?
• Added CVE-2019-7192 against QNAP Photo Station?
• Added CVE-2023-1389 against TP-Link AX21?
• Added CVE-2023-25280 against D-Link DIR-820L routers?

New Rapid Response Tests

• Apache Solr Authentication Bypass Vulnerability CVE-2024-45216?
• CyberPanel Remote Code Execution Vulnerability CVE-2024-51567?
• Linear eMerge OS Command Injection Vulnerability CVE-2024-9441?
• CUPS-browsed Server Side Request Forgery Vulnerability H3-2024-0052?

Over the Horizon

Come meet our crew! Here are some of our upcoming events:

• 3 December – Webinar: What You're Missing – Strengthen Your Security Posture with NodeZero (Register HERE)?
• 12 December – Webinar: Uncover Kubernetes Security Weaknesses with NodeZero? (Register HERE)?
• 9 January – Webinar: Harnessing the Attacker's Perspective for Ongoing Security Validation Continued (Register HERE)??

Cybersecurity Tip of the Month

Deploy Tripwires to Monitor Your Unpatched Systems?

NodeZero Tripwires are proactive, strategic markers designed to catch suspicious or malicious activity around systems that might still be vulnerable. If you can't immediately patch a system, a Tripwire acts as an early warning system, alerting your team to any unusual movement near these potential targets. Learn more here.?

Get in Touch

Enjoyed the newsletter, but maybe got tricked by the trivia question? Think we forgot something important? Let us know! Please feel free to reach out to us at [email protected].?

Trivia Answer: MITRE ATT&CK stands for "MITRE Adversarial Tactics, Techniques, and Common Knowledge." It is a globally accessible knowledge base of cyber adversary tactics and techniques based on real-world observations. Its primary purpose is to help organizations understand, detect, and respond to various cyber threats by mapping out attacker behavior.