65 Fortune 100s Downloaded Flawed Apache Struts

Infosecurity Magazine | January 30, 2019

Despite the Apache Struts project releasing multiple updates in the nearly two years since the Equifax breach, research published by Sonatype found that between July and December 2018 roughly two-thirds of the Fortune 100 downloaded the same vulnerable version of Apache Struts that was exploited in the Equifax breach. “According to our analysis of The Central Repository (the de facto repository of Java components, used by all the popular Java build tools as the default source of components), over the last six months of 2018 we saw 65 of the Fortune Global 100 download vulnerable versions of Struts,” a spokesperson wrote in an email. “Beyond Struts, this problem of electively consuming known vulnerable open source components is a large issue that extends across all industries. In 2018, Sonatype (again from the Central report) and npm reported that 12.1% of Java open source components and 51% of JavaScript npm packages downloaded had known vulnerabilities.”
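The practical check behind this finding is whether a build pulls a Struts 2 release in the affected range. The script below is an added example written for this page, not Sonatype's tooling. The page does not name the Equifax flaw; the example uses CVE-2017-5638 (Apache advisory S2-045), which was exploited at Equifax and affects struts2-core 2.3.5 through 2.3.31 and 2.5 through 2.5.10, fixed in 2.3.32 and 2.5.10.1. The dependency lines it scans are constructed in the format `mvn dependency:list` prints, and a dotted-numeric version comparison stands in for Maven's full ordering rules.

```python
"""Flag Apache Struts 2 dependencies in the CVE-2017-5638 (S2-045) affected ranges.

Added example for this page, not Sonatype's tooling. Affected ranges follow the
Apache S2-045 advisory: 2.3.5 through 2.3.31 and 2.5 through 2.5.10 (fixed in
2.3.32 and 2.5.10.1). The sample dependency lines below are constructed in the
format `mvn dependency:list` prints.
"""
import re
from typing import List, Tuple

Version = Tuple[int, ...]

# Inclusive [low, high] ranges from the S2-045 advisory. Tuple comparison gives
# the ordering we need for dotted numeric versions: (2, 5) < (2, 5, 0) and
# (2, 5, 10) < (2, 5, 10, 1), so the 2.5.10.1 fix falls outside the range.
AFFECTED_RANGES = [((2, 3, 5), (2, 3, 31)), ((2, 5), (2, 5, 10))]

# The flaw is in the Jakarta multipart parser shipped in struts2-core.
VULNERABLE_ARTIFACT = ("org.apache.struts", "struts2-core")

# Matches group:artifact:packaging:version:scope anywhere on the line, so the
# "[INFO]" prefix of Maven output does not matter.
DEP_LINE = re.compile(
    r"(?P<group>[\w.\-]+):(?P<artifact>[\w.\-]+):(?P<pkg>\w+):"
    r"(?P<version>[\w.\-]+):(?P<scope>\w+)"
)


def parse_version(text: str) -> Version:
    """'2.5.10.1' -> (2, 5, 10, 1). A '-qualifier' such as '-SNAPSHOT' is
    dropped; parsing stops at the first non-numeric dotted segment."""
    numeric = text.split("-", 1)[0]
    parts: List[int] = []
    for segment in numeric.split("."):
        if not segment.isdigit():
            break
        parts.append(int(segment))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True if the Struts version lies inside an S2-045 affected range."""
    parsed = parse_version(version)
    return any(low <= parsed <= high for low, high in AFFECTED_RANGES)


def scan_dependency_list(lines: List[str]) -> List[str]:
    """Return 'group:artifact:version' for each affected struts2-core coordinate."""
    hits: List[str] = []
    for line in lines:
        match = DEP_LINE.search(line)
        if not match:
            continue
        if (match["group"], match["artifact"]) != VULNERABLE_ARTIFACT:
            continue
        if is_affected(match["version"]):
            hits.append(f"{match['group']}:{match['artifact']}:{match['version']}")
    return hits


# Constructed sample output, not taken from any real build.
SAMPLE_DEPENDENCY_LIST = [
    "[INFO]    org.apache.struts:struts2-core:jar:2.3.31:compile",
    "[INFO]    org.apache.struts:struts2-convention-plugin:jar:2.3.31:compile",
    "[INFO]    com.fasterxml.jackson.core:jackson-databind:jar:2.9.8:compile",
    "[INFO]    org.apache.struts:struts2-core:jar:2.5.10.1:compile",
    "[INFO]    org.apache.struts:struts2-core:jar:2.5.5:compile",
]

if __name__ == "__main__":
    for hit in scan_dependency_list(SAMPLE_DEPENDENCY_LIST):
        print("AFFECTED:", hit)
```

Pipe real output into it with `mvn dependency:list | python3 struts_check.py` after replacing the constructed list with `sys.stdin`; the point of the check is that a build can resolve an affected release silently, because nothing in the Central Repository stops the download.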

Spotlight

“The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyber-attack. We call upon Russia to be the responsible member of the international community it claims to be rather than secretly trying to undermine it,” stated Lord Tariq Ahmad of Wimbledon, the Foreign Office Minister of State, in early 2018 [1]. NotPetya was easily one of the most devastating cyberattacks in recent times, affecting Europe, Asia, and the Americas. The attack was estimated to have cost businesses almost $1.2 billion [2]. The NotPetya malware encrypted the hard drives of infected computers but gave victims no workable way to recover them, which is why it was primarily seen as a Russian state-sponsored destructive attack masquerading as ransomware. The United Kingdom was joined by the United States and Australia in publicly attributing NotPetya to the Russian military [3].

Related News

Deloitte Extends Its Cybersecurity Services by Partnering with Palo Alto

Deloitte | May 08, 2020

Multinational professional services network Deloitte has announced a partnership with global cybersecurity leader Palo Alto Networks. Deloitte’s EMEA Cybersphere Center boasts a technological setup capable of carrying out security orchestration, automation, monitoring and response tasks. Together we look forward to helping customers around the world make each day more secure than the one before.

Organizations operating in today’s fast-moving digital world need a cybersecurity strategy capable of tackling increasingly sophisticated threats. Collaboration is key in the cybersecurity industry to build and implement the best solutions possible and stay one step ahead. For this reason, Deloitte’s EMEA Cybersphere Center has partnered with Palo Alto Networks with the aim of expanding its managed security services portfolio for customers both in Spain and across Deloitte’s entire global network. Under the partnership the Cybersphere Center will integrate Cortex XDR™, Cortex™ XSOAR (formerly Demisto) and Prisma™ Cloud into its security catalogue, giving it the orchestration, automation, monitoring and response capability needed to tackle the most sophisticated threats detected in any environment. Cortex XSOAR’s security orchestration, automation and response technology has also been implemented within Deloitte’s own security operations centre, allowing its team of professionals to augment their current capabilities and be better prepared to tackle increasingly complex cybersecurity threats on behalf of customers.
“This partnership enables us to enhance the service that we provide to our clients and to combine the finest threat detection and response technologies with the development of technological processes and the experience of our professionals across all areas of cybersecurity. This represents a giant leap forward for our market growth strategy.” ~ Christian Hentschel, president, Palo Alto Networks.

“Deloitte, not only helping them to deliver enhanced SOAR capabilities having implemented our technology in their own security operations centre, but also incorporating services around our wider Cortex and Prisma Cloud solutions.”

About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients.

About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices.


DATA SECURITY

Lack of Remote and Hybrid Work Policies Put Education Industry at Risk for IT Security Issues

Apricorn | July 23, 2021

Apricorn, the leading manufacturer of software-free, 256-bit AES-XTS hardware-encrypted USB drives, has announced education-sector findings from the Apricorn Global IT Security Survey 2021. The survey finds that the education industry shows little concern about security threats originating with employees and, because its IT security policies for remote work are limited, carries a greater risk of cybersecurity breaches and data loss than other industries. For example, 69.4% of education respondents say employees at their organizations do not think of themselves as targets an attacker can use to reach data, compared with 37.5% in information technology (IT). The survey compared the hybrid- and remote-work cybersecurity policies of several industries; more than 400 respondents completed it. The education industry consistently lags behind healthcare, manufacturing, IT, and financial services in implementing policies for lost or stolen devices and for data security: only 26% of education respondents agreed that they have policies covering lost or stolen devices, compared with 55% in IT. Many education institutions will return to in-person instruction in the fall, yet most education respondents (90.77%) said a hybrid work option exists. When asked about the policies and procedures in place for transporting data and devices, education organizations showed a trend of leaving policy adherence to employee choice: only 20% require encrypted hardware, compared with an average of 52% across the other top industries, and more than half permit the use of personal USB devices.

About Apricorn
Founded in 1983, Apricorn is a leading provider of secure storage innovations to prominent companies in education, healthcare, finance, and government throughout North America, EMEA, and Canada. Apricorn products have become the trusted standard for a myriad of data security strategies worldwide. Under the Apricorn brand, numerous award-winning products and patents have been developed.


DATA SECURITY

Radiflow's New Version of CIARA - OT Risk Platform Transforms Industrial Cybersecurity

Radiflow | May 31, 2021

Radiflow has received extensive industry appreciation for its one-of-a-kind, fully IEC 62443-compliant Cyber Industrial Automated Risk Analysis platform (CIARA), which lets CISOs optimize their cybersecurity expenditure by non-intrusively simulating breach attempts in industrial automation networks and prioritizing the most effective mitigation measures. In keeping with Radiflow's ongoing mission of "taking the guesswork out of OT cybersecurity," the latest edition of CIARA allows users to tune their cybersecurity optimization with additional operational and budgetary criteria.

Ilan Barda, CEO of Radiflow, announced the new features: "CIARA was warmly received in the market as the first-of-its-kind OT BAS solution (breach attack simulation). Since its release, we have seen an increase in demand for risk prioritization in the dynamic OT/ICS threat landscape. Our new edition responds to the critical need for data-driven decision-making. We are delighted to assist CISOs in developing the best budget-driven mitigation strategy."

Users of the updated version of CIARA can now:

Customize their OT-security optimization: users can choose from a range of factors to strike a balance between security, compliance, and budget. CIARA prioritizes the security requirements (SRs) behind mitigation measures that match the chosen criterion, to maximize cybersecurity ROI. The current optimization criteria include:
• Zone impact: what is the financial impact of a disruption in that zone?
• Tolerated risk: which zone has the lowest tolerated risk (as specified by the user)?
• Compliance gap: which zones have the largest disparity between the security measures in place and those prescribed by the IEC 62443 standard?

Include new supply chain threats in attack simulations: supply chain attacks, such as the SolarWinds breach, take advantage of vulnerabilities in vendor networks. In addition to the foundational requirement (FR) control groups of IEC 62443, CIARA users can now add a security control group for supply chain attacks (NIST SP 800-161) to CIARA's breach simulations; including these attack strategies lets CIARA rank the effectiveness of the relevant mitigation measures.

Budget and plan: CIARA's new OT security project planner generates a complete quarterly mitigation plan based on the user's optimization preferences, balancing the estimated cost of mitigation controls against the quarterly budget constraints.

These new features advance Radiflow's objective of eliminating the guesswork from OT security.

About Radiflow
Radiflow is committed to assisting CISOs in prioritizing their activities by providing industrial threat detection and risk management solutions.
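The three criteria and the quarterly planner together describe a budgeted risk-reduction problem. The script below is an added example written for this page, not Radiflow's or CIARA's method. It shows one way such a planner can be built: a per-zone risk model (impact scaled by the unmet share of the IEC 62443 target security level, an assumption made here), the three criteria as alternative benefit functions, and a greedy selection of controls by benefit per unit cost under a quarterly budget. All zones, controls, costs and security levels are constructed.

```python
"""Budget-constrained prioritisation of OT mitigations across IEC 62443 zones.

Added example for this page: a toy model of the three optimisation criteria the
release names (zone impact, tolerated risk, gap to the IEC 62443 target level)
feeding a quarterly mitigation plan. It is not CIARA's method. Zones, controls,
costs and security levels are constructed.
"""
from dataclasses import dataclass, replace
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Zone:
    name: str
    impact: float          # estimated loss from a disruption of the zone (currency units)
    tolerated_risk: float  # residual risk the asset owner accepts (same units)
    sl_achieved: int       # IEC 62443 security level the zone currently meets (0-4)
    sl_target: int         # SL-T the zone requires (1-4)


@dataclass(frozen=True)
class Mitigation:
    name: str
    zone: str
    cost: float
    sl_gain: int           # levels the control moves the zone towards its SL-T


def sl_gap(z: Zone) -> int:
    return max(z.sl_target - z.sl_achieved, 0)


def zone_risk(z: Zone) -> float:
    """Assumed model: residual risk is the impact scaled by the unmet share of SL-T."""
    return z.impact * sl_gap(z) / z.sl_target


def apply(z: Zone, m: Mitigation) -> Zone:
    return replace(z, sl_achieved=min(z.sl_achieved + m.sl_gain, z.sl_target))


def benefit(z: Zone, m: Mitigation, criterion: str) -> float:
    """Marginal benefit of applying m to z under one optimisation criterion."""
    after = apply(z, m)
    if criterion == "impact":      # money at risk removed
        return zone_risk(z) - zone_risk(after)
    if criterion == "tolerance":   # only the excess above the tolerated risk counts
        def excess(zone: Zone) -> float:
            return max(zone_risk(zone) - zone.tolerated_risk, 0.0)
        return excess(z) - excess(after)
    if criterion == "sl_gap":      # compliance: levels of the IEC 62443 gap closed
        return float(sl_gap(z) - sl_gap(after))
    raise ValueError(f"unknown criterion {criterion!r}")


def plan_quarter(zones: List[Zone], mitigations: List[Mitigation],
                 budget: float, criterion: str = "impact") -> Tuple[List[str], float]:
    """Greedy budgeted selection: repeatedly take the affordable control with the
    best benefit per unit cost, updating the zone after each pick so a second
    control in the same zone is not credited for a gap already closed. Greedy is
    not guaranteed optimal (a 0/1 knapsack DP would be) but is easy to audit."""
    state: Dict[str, Zone] = {z.name: z for z in zones}
    remaining = list(mitigations)
    chosen: List[str] = []
    spent = 0.0
    while True:
        best, best_ratio = None, 0.0
        for m in remaining:
            if m.cost > budget - spent:
                continue
            ratio = benefit(state[m.zone], m, criterion) / m.cost
            if ratio > best_ratio:
                best, best_ratio = m, ratio
        if best is None:           # nothing affordable still reduces risk
            break
        chosen.append(best.name)
        spent += best.cost
        state[best.zone] = apply(state[best.zone], best)
        remaining.remove(best)
    return chosen, spent


# Constructed zones and controls (FR numbers refer to IEC 62443-3-3 foundational requirements).
ZONES = [
    Zone("safety-plcs", impact=5_000_000, tolerated_risk=500_000, sl_achieved=1, sl_target=3),
    Zone("packaging-line", impact=800_000, tolerated_risk=400_000, sl_achieved=1, sl_target=2),
    Zone("historian-dmz", impact=300_000, tolerated_risk=300_000, sl_achieved=2, sl_target=3),
]
MITIGATIONS = [
    Mitigation("safety segmentation (FR 5)", "safety-plcs", cost=120_000, sl_gain=1),
    Mitigation("safety access control (FR 1)", "safety-plcs", cost=80_000, sl_gain=1),
    Mitigation("vendor remote-access gateway (supply chain)", "safety-plcs", cost=50_000, sl_gain=1),
    Mitigation("packaging segmentation (FR 5)", "packaging-line", cost=60_000, sl_gain=1),
    Mitigation("historian patch programme", "historian-dmz", cost=40_000, sl_gain=1),
]

if __name__ == "__main__":
    for criterion in ("impact", "tolerance", "sl_gap"):
        print(criterion, plan_quarter(ZONES, MITIGATIONS, budget=200_000, criterion=criterion))
```

With a 200,000 budget the criteria disagree: "impact" spends 190,000 on three controls, "tolerance" stops at 130,000 once the safety zone is inside its tolerated risk, and "sl_gap" buys the three cheapest level upgrades regardless of what is behind them. That divergence is why a user-selectable criterion matters, and it is worth checking the chosen criterion against the zones' actual consequences before a quarterly plan is approved.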
