Randall Munroe’s XKCD ‘Classical Periodic Table’
via the comic & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Classical Periodic Table’ appeared first on Security Boulevard.
Oink, oink, FAIL—you’re in jail: Kansas bank chief exec Shan Hanes stole money from investors, a church and others to buy cryptocurrency to feed a scam.
The post Pig Butchering at Heart of Bank Failure — CEO Gets 24 Years in Jail appeared first on Security Boulevard.
High threat level vulnerability CVE-2024-38178 discovered on Microsoft Edge browser: OFFICIAL CVE-2024-38178 PATCHING INFORMATION: A recent discovery has unveiled CVE-2024-38178, a critical vulnerability within Microsoft Windows, which impacts Internet Explorer mode in Microsoft Edge. With a CVSS v3 score of 7.5, CVE-2024-38178 poses a high threat level by enabling attackers to execute code...
The post CVE-2024-38178 Vulnerability within Microsoft Edge appeared first on TrueFort.
The post CVE-2024-38178 Vulnerability within Microsoft Edge appeared first on Security Boulevard.
The adoption of Cloud Native Application Protection Platforms (CNAPPs) has surged, reflecting a growing recognition of the need for comprehensive security across cloud environments. According to industry reports, the global CNAPP market is projected to grow at a CAGR of over 25% from 2023 to 2028 – and 40% of enterprises already have one. This […]
The post CNAPP found identity problems. How are you fixing them? appeared first on Security Boulevard.
In today’s hyper-connected digital landscape, APIs are the lifeblood of innovation, powering everything from customer experiences to internal operations. However, with this growing reliance on APIs comes a dark side—zombie and shadow APIs. These hidden, forgotten, or undocumented endpoints present significant security risks that traditional approaches simply can’t address. In this post, we’ll explore why these APIs are so dangerous and why Salt Security is the only solution capable of securing your entire API ecosystem.
What Are Zombie and Shadow APIs?
Before diving into the risks, it’s essential to understand what we mean by zombie and shadow APIs:
Both types of APIs are typically overlooked by traditional security tools, yet they are ripe targets for attackers. Unmonitored and unmanaged, these endpoints can provide easy access points for data breaches, unauthorized access, and other malicious activities.
The Risks of Zombie and Shadow APIs
The hidden nature of these APIs makes them particularly dangerous. Here are a few key reasons why:
Legacy security tools and API management platforms are ill-equipped to handle the dynamic and often chaotic nature of modern API environments. They rely on manual processes, static documentation, or simple API gateways that can’t adapt to the fluid development cycles and sprawling microservices architectures seen today. This leaves a critical gap in security that attackers are all too eager to exploit.
How Salt Security Solves the Zombie and Shadow API Problem
Salt Security’s API Protection Platform stands alone in its ability to discover, monitor, and secure every API in your environment—no matter how obscure or hidden it may be. Here’s how:
While other solutions may claim to offer API protection, none provide the end-to-end capabilities needed to fully secure zombie and shadow APIs. Salt Security offers the most comprehensive AI-infused platform for API security, combining deep discovery, continuous monitoring, governance, and proactive threat detection. Our solution not only finds hidden APIs—it safeguards them, ensuring your organization’s API landscape remains resilient, compliant, and secure.
Conclusion
Zombie and shadow APIs represent a hidden yet significant threat to your organization’s security posture. With traditional tools falling short, it’s time to rethink your API security strategy. Salt Security’s unique capabilities make it the only solution capable of addressing the full spectrum of API threats—including those you can’t see.
By choosing Salt Security, you can rest assured that your APIs—documented or not—are fully protected, enabling your business to innovate without compromise.
If you want to learn more about Salt and how we can help you on your API Security journey through discovery, posture management, and run-time threat protection, please contact us, schedule a demo, or check out our website.
The post The Hidden Dangers of Zombie and Shadow APIs—and Why Only Salt Security Can Tackle Them appeared first on Security Boulevard.
We’re excited to announce the integration of Azure Boards into Strobes, enhancing your project management capabilities and streamlining your vulnerability tracking processes. Azure Boards Overview: Azure Boards is a project...
The post Introducing Azure Boards Integration in Strobes appeared first on Strobes Security.
The post Introducing Azure Boards Integration in Strobes appeared first on Security Boulevard.
This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.
The post NTLM Credential Theft in Python Windows Applications appeared first on Horizon3.ai.
The post NTLM Credential Theft in Python Windows Applications appeared first on Security Boulevard.
Discover why Escape is a better API security solution.
The post Escape vs Rapid7 appeared first on Security Boulevard.
EOL operating systems no longer receive critical security updates, leaving them highly vulnerable to evolving cybersecurity threats. End-of-life OSs often struggle to run modern software and hardware, resulting in compatibility issues, reduced performance, and lower productivity. Organizations using EOL systems face increased legal and financial risks due to non-compliance with regulations and the high costs […]
The post The Risks of Running an End Of Life OS – And How To Manage It appeared first on TuxCare.
The post The Risks of Running an End Of Life OS – And How To Manage It appeared first on Security Boulevard.
According to an updated advisory from the United States (US) Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation (FBI), the BlackSuit ransomware strain is known to have had demands totaling up to $500 million in payments. In this article, we’ll dive into the details of the ransomware attacks, determine who the key […]
The post BlackSuit Ransomware Threat Actors Demand Up To $500 Million appeared first on TuxCare.
The post BlackSuit Ransomware Threat Actors Demand Up To $500 Million appeared first on Security Boulevard.
There are significant gaps in cyber resilience, despite growing confidence in organizational strategies, according to a Cohesity survey of 3,100 IT and security decision-makers across eight countries.
The post Cyber Resilience Lacking, Organizations Overconfident appeared first on Security Boulevard.
It’s easy to find vulnerabilities. It’s harder to prioritize and fix them.
So far in 2024, there has been an average of over 110 CVEs disclosed per day. Compounded with all the vulnerabilities disclosed in the last two decades, security teams are faced with triaging thousands and thousands of vulnerabilities and deciding which ones need to be fixed first.
Vulnerability prioritization remains a critical challenge for security teams—but machine learning offers solutions to lessen the burden of analysis.
The right vulnerability prioritization strategy to employ depends on the nature of your business, your tech architecture, and more. Given all the different prioritization criteria we hear from customers, we set out to build Dazz Priority Scores, which we announced earlier this year.
Dazz Priority Scores uses context such as issue exploitability, exposure, severity, business impact, and root causes to help customers quickly identify the most critical issues to fix out of potentially thousands discovered by their detection tools. By using Dazz Priority Scores, customers reduce the backlog of vulnerabilities that need to be further analyzed by an order of magnitude.
The magic behind Dazz Priority Scores
The Dazz Unified Remediation Platform uses machine learning to continually assess a customer’s risk landscape. To calculate a Priority Score, the Dazz platform considers the following factors:
Given these factors, Dazz calculates “sub scores” which can be bucketed into:
Let’s take a look at each.
Risk scores
Risk scores assess all factors of a given vulnerability. To start, Dazz considers the severity from the source detection tool of a vulnerability. If a vulnerability has been seen by multiple sources, customers can apply their own logic to normalize a severity rating.
On top of severity, Dazz considers exploitability data from CISA KEV, EPSS, and other threat intelligence sources. Finally, Dazz takes into account customer-defined SLAs. If a vulnerability has breached its SLA date set by the customer, the risk weighting will be greater.
Asset scores
Asset scores take into account the business context of applications, data, and infrastructure resources associated with any vulnerability. By ingesting data from CMDBs, directories, and other platforms, Dazz automatically correlates vulnerabilities with business context. Dazz Business Units allows customers to enrich the correlation of vulnerabilities and auto-assign certain owners depending on the resources impacted by any vulnerability.
Dazz can also glean other characteristics about vulnerabilities to weight them as a greater risk, like whether they impact internet-facing resources or applications through reachable code.
Remediation score → effort to fix
The final element of Dazz Priority Scores considers remediation actions. This is often one of the most sought-after elements that customers haven’t been able to attain before using Dazz. By determining the root cause of vulnerabilities, Dazz understands the relative effort required to fix it. Dazz can also outline the best remediation and mitigation options available, highlighting which will be most effective given the environmental context of the vulnerability.
Furthermore, Dazz can understand when multiple vulnerabilities stem from the same root cause. The concept here is that vulnerabilities that share a root cause may be weighted higher since the risk reduced upon remediation is far greater than a single vulnerability in isolation.
Putting it all together
Dazz Priority Scores = weighted asset risk score + weighted risk score + weighted remediation score.
Scores are calculated on a scale of 0-100 for each finding, with 100 being the highest score. Customers can understand which factors contributed to any score, and customize weights according to what makes the most sense to their business.
Since machine learning underpins the model, Dazz Priority Scores get better and better as they are applied to billions of vulnerabilities across our customer base.
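To make the weighted-sum structure described above concrete, here is an added illustration that is not Dazz's code or model: a small scorer that derives a risk sub-score (normalized severity, CISA KEV/EPSS exploitability, SLA breach), an asset sub-score (business criticality, internet exposure, reachable code) and a remediation sub-score (fix effort, shared root cause), then combines them with tunable weights on a 0-100 scale and returns the contributing factors. All weights, normalization rules, thresholds and sample findings are constructed assumptions for this example.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, List

# Constructed illustration of a weighted-sum priority score. The weights,
# normalization rules and sample findings are assumptions for this example,
# not Dazz's actual model or data.

SEVERITY_RANK = {"low": 25, "medium": 50, "high": 75, "critical": 100}

# Assumed default weights; in the article these are customer-tunable.
WEIGHTS = {"risk": 0.5, "asset": 0.3, "remediation": 0.2}


@dataclass
class Finding:
    finding_id: str
    severities: Dict[str, str]      # detection tool -> severity label
    in_cisa_kev: bool               # listed in CISA Known Exploited Vulnerabilities
    epss: float                     # EPSS probability, 0.0-1.0
    sla_due: date                   # customer-defined remediation deadline
    internet_facing: bool
    reachable_code: bool            # vulnerable code is reachable in the app
    business_criticality: float     # 0.0-1.0, e.g. from CMDB / business-unit tags
    fix_effort_hours: float         # estimated effort for the root-cause fix
    shared_root_cause_count: int    # other findings removed by the same fix


def risk_score(f: Finding, today: date) -> float:
    # Normalize across tools; the assumed policy is "take the highest rating".
    severity = max(SEVERITY_RANK[s.lower()] for s in f.severities.values())
    # Exploitability: a KEV listing dominates, otherwise EPSS scales the score.
    exploit = 100.0 if f.in_cisa_kev else 100.0 * f.epss
    score = 0.6 * severity + 0.4 * exploit
    # Weight the risk higher once the customer-defined SLA date has passed.
    if today > f.sla_due:
        score *= 1.25
    return min(score, 100.0)


def asset_score(f: Finding) -> float:
    score = 50.0 * f.business_criticality
    if f.internet_facing:
        score += 30.0
    if f.reachable_code:
        score += 20.0
    return min(score, 100.0)


def remediation_score(f: Finding) -> float:
    # Cheaper fixes score higher; a shared root cause adds leverage because a
    # single change removes several findings at once.
    effort = max(0.0, 100.0 - 10.0 * f.fix_effort_hours)
    leverage = min(100.0, 20.0 * f.shared_root_cause_count)
    return min(0.7 * effort + 0.3 * leverage, 100.0)


def priority_score(f: Finding, today: date, weights: Dict[str, float] = WEIGHTS) -> Dict[str, float]:
    """Return the sub-scores and the weighted 0-100 priority so the factors
    behind a score can be shown to the reader."""
    parts = {
        "risk": risk_score(f, today),
        "asset": asset_score(f),
        "remediation": remediation_score(f),
    }
    total = sum(weights[k] * v for k, v in parts.items())
    parts["priority"] = round(min(total, 100.0), 1)
    return parts


def rank_findings(findings: List[Finding], today: date) -> List[str]:
    """Finding IDs ordered from highest to lowest priority."""
    scored = [(priority_score(f, today)["priority"], f.finding_id) for f in findings]
    return [fid for _, fid in sorted(scored, key=lambda t: -t[0])]


# Constructed sample findings: an overdue, exploited issue on an exposed
# critical asset with a cheap shared fix, versus a quiet internal one.
TODAY = date(2024, 8, 22)
SAMPLE_FINDINGS = [
    Finding("FND-A", {"scanner_a": "high", "scanner_b": "critical"}, True, 0.9,
            date(2024, 8, 1), True, True, 1.0, 2.0, 4),
    Finding("FND-B", {"scanner_a": "high"}, False, 0.02,
            date(2024, 9, 30), False, False, 0.2, 8.0, 0),
]

if __name__ == "__main__":
    for f in SAMPLE_FINDINGS:
        print(f.finding_id, priority_score(f, TODAY))
    print("order:", rank_findings(SAMPLE_FINDINGS, TODAY))
```

Because the function returns the sub-scores alongside the total, an analyst can see which factor (SLA breach, KEV listing, exposure, shared root cause) pushed a finding to the top, which is the explainability the article says customers rely on when adjusting weights.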
If you’d like to learn more about Dazz Priority Scores and try it for yourself, contact us today.
The post How we improved vulnerability prioritization with machine learning appeared first on Security Boulevard.
In the escalating battle against malicious headless bots, basic detection methods are no longer sufficient. As cybercriminals refine their techniques and leverage headless browsers to automate attacks with increasing sophistication, the need for advanced detection strategies has never been more critical. This blog post dives into the world of headless browsers, exploring how they are […]
The post The Growing Challenge of Headless Browser Attacks: How to Defend Your Digital Assets appeared first on Security Boulevard.
The post How Swimlane Can Help SOC Management appeared first on AI-enhanced Security Automation.
The post How Swimlane Can Help SOC Management appeared first on Security Boulevard.
Cary, NC, Aug. 22, 2024, CyberNewsWire — INE Security, a global cybersecurity training and certification provider, recently launched initiatives with several higher education institutions in an ongoing campaign to invest in the education of aspiring cybersecurity professionals.
“There is … (more…)
The post News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals first appeared on The Last Watchdog.
The post News alert: INE Security launches initiatives in support of aspiring cybersecurity professionals appeared first on Security Boulevard.
Application Security Posture Management (ASPM) is a strategy designed to unify and improve the security of your applications. It pulls together various security practices, like static application security testing (SAST), software composition analysis (SCA), secrets detection, and infrastructure as code (IaC), into a single, cohesive platform.
The post What is Application Security Posture Management (ASPM) appeared first on OX Security.
The post What is Application Security Posture Management (ASPM) appeared first on Security Boulevard.
Authors/Presenters:Khaled Serag, Rohit Bhatia, Akram Faqih, and Muslum Ozgur Ozmen, Purdue University; Vireshwar Kumar, Indian Institute of Technology, Delhi; Z. Berkay Celik and Dongyan Xu, Purdue University
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and for the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott, and via the organization’s YouTube channel.
The post USENIX Security ’23 – ZBCAN: A Zero-Byte CAN Defense System appeared first on Security Boulevard.
A report published today by Critical Start, a provider of managed cybersecurity services, finds cyberattacks in the first half of 2024 continued to focus on vertical industries that are rich in critical data that can either be encrypted or stolen. For example, the manufacturing and industrial products sector remains the top targeted industry sector, with..
The post Report: Manufacturing Remains Atop Cyberattack Leader Board appeared first on Security Boulevard.
Click fraud artificially inflates the number of ad clicks, skewing your campaign data. Clean data is necessary to maximize your ad budget and optimize ROI by reaching real customers.
The post Unveiling the Power of Clean Data: Informed Decisions Drive Success appeared first on Security Boulevard.
The Network and Information Systems Directive 2 (NIS2) regulation goes into effect in October 2024, leaving European Union (EU) member states just a few fleeting months to adopt and publish its compliance recommendations.
The post The countdown to NIS2 is on: Understand its scope and requirements appeared first on Security Boulevard.