Managing Data Retention: Developing a Secure Information Lifecycle Strategy

Cyber Security
With rapidly expanding data volumes, effectively managing retention and disposal is critical for security, compliance and operational efficiency. However, without data lifecycle strategies that align storage with governance policies, organizations struggle to balance accessibility needs with security obligations. This guide provides pragmatic steps for security leaders seeking to implement secure information lifecycle management programs. Classify Information by Sensitivity: The first priority is developing a data classification methodology that catalogs organizational information assets based on sensitivity and business impact. Effective classification involves documenting data types, use cases and legal obligations; establishing tiered sensitivity labels aligned to handling standards; and applying classifications to information via metadata tagging or container policies. Precisely categorized data streamlines compliance while enabling precise access controls. Define Retention Schedules: Once classified, retention periods can be defined per data type covering both primary storage…
Breaking Down the Latest October 2023 Patch Tuesday Report

Application Security
The October 2023 Patch Tuesday report has been released, providing critical information for organizations and individuals to address security vulnerabilities and software updates. This monthly event plays a crucial role in maintaining the security and stability of the Windows operating system and various other software products people rely on. In this article, we’ll break down the key highlights of the October 2023 Patch Tuesday report, focusing on the most pressing concerns for users and administrators. Notably, Microsoft has released fixes for 105 vulnerabilities in the October 2023 Patch Tuesday report, of which 12 were rated Critical. Microsoft also warned about the active exploitation of 3 vulnerabilities. As with other Patch Tuesday reports, Remote Code Execution (RCE) vulnerabilities topped the list, with 45 occurrences. Let’s…
How to Fix CVE-2023-22515- A Critical Privilege Escalation Vulnerability in Confluence Data Center and Server?

Application Security, Futuristic Technologies, Programming & Scripting
Confluence is a popular wiki-based collaboration tool developed by Atlassian that helps teams collaborate and share knowledge efficiently. Atlassian offers the Confluence Data Center and Server versions for large enterprises that need additional scalability, security, and customizability compared to the SaaS Confluence Cloud version. Recently, Atlassian disclosed an actively exploited critical severity authentication vulnerability in the Confluence Data Center and Server, tracked as CVE-2023-22515. This vulnerability could allow an unauthenticated, remote attacker to create an administrator account and gain full control of the vulnerable Confluence instance. In this blog, we will discuss a summary of the CVE-2023-22515 vulnerability, the impacted versions, and a step-by-step procedure to fix CVE-2023-22515, a critical severity Privilege Escalation Vulnerability in Confluence. A Short Note About Confluence Server and Data Center: Confluence Server is an on-premises version of Confluence optimized for large enterprises.…
How to Fix CVE-2023-37476- A Zip Slip Vulnerability in OpenRefine?

Cyber Security
Security researcher Stefan Schiller from Sonar recently disclosed a critical security vulnerability in OpenRefine that allows unauthenticated attackers to execute arbitrary code on the user’s machine. Sonar published details on this vulnerability on Sep 28, 2023, upon the release of a patch for the flaw. The vulnerability, tracked as CVE-2023-37476, has a CVSS score of 7.8, making it high in severity. Sonar shared in its blog that it caught this vulnerability as part of its continued efforts to scan open-source projects for security vulnerabilities using SonarCloud, a free code analysis product for open-source projects. In this blog post, we cover what this Zip Slip vulnerability is, provide background on OpenRefine, summarize the vulnerability, outline the affected versions, and, most importantly, explain how to fix CVE-2023-37476, a Zip Slip Vulnerability in OpenRefine.…
How to Upgrade Metasploit Framework on Kali Linux From Metasploit Repository?

Linux, Pen Testing
Metasploit Framework is one of the most popular open-source penetration testing tools used by ethical hackers and cybersecurity professionals. It provides an easy way to find and exploit vulnerabilities on networks and systems. However, like any software, Metasploit needs to be updated regularly to take advantage of the latest exploits, payloads, evasion modules, and other enhancements. Unfortunately, Metasploit updates are not always available in the standard Kali Linux repositories. So if you rely on the default apt update and apt upgrade commands, you may not have the most recent Metasploit version. In this blog post, we will show you how to easily upgrade Metasploit on Kali Linux directly from the Metasploit repository. This ensures you are running the latest and greatest version with all the newest features. A Short Introduction to Metasploit Framework: Metasploit Framework is…
What are Polyglot Files? Is it Legit or Security Threat?

Cyber Security
Cybercriminals are always looking for new ways to exploit systems and evade security measures. One emerging technique that is raising concerns is the creation of “polyglot files” – files that are valid in multiple formats. In this post, we’ll look at what exactly polyglot files are, how they work, their legitimate and dangerous uses, and how to identify and block them. What is a Polyglot File? A polyglot file is one that is valid in two or more file formats. For example, a file could be both a valid PDF document and a zip archive containing malicious code. The file is created by combining syntax from multiple formats, using constructs that are either common between them or have different meanings in each language. The result is a file that can…
5 Security Challenges in LLMs and Strategies to Prevent Them

Cyber Security
The rise of large language models (LLMs) like GPT has unlocked amazing new capabilities like the generation of human-like text, code, art and more in generative AI. However, as these models become more powerful and widely deployed, major new security risks have emerged that demand our attention. Trained on vast datasets scraped from the public internet, LLMs can inherit and amplify toxic, biased, and false information. They can be manipulated to spread misinformation or impersonate real humans. Their generative ability can be abused to create convincing fake media or data. Left unaddressed, these security challenges in LLMs threaten to undermine public trust, exclude underrepresented groups, and enable new forms of crime and abuse. Tech leaders creating LLMs have an obligation to anticipate and prevent security challenges in LLMs. In this blog post, we’ll outline the…
What is There in The Mandiant’s Defender’s Advantage Cyber Snapshot Report- Issue 3

Network Security, Pen Testing, Windows
Mandiant recently published the latest edition of The Defender’s Advantage Cyber Snapshot report. This recurring report aims to arm cybersecurity teams with practical insights from Mandiant’s frontline experience responding to breaches worldwide. The goal is to help defenders maintain their advantage against constantly evolving threats. This new report provides guidance across five key topics organizations are focusing on: moving beyond traditional passwords to more secure authentication methods, navigating the cyber insurance process, detecting attacks by understanding adversary techniques, testing defenses proactively, planning effective incident response, and implementing new security guidelines for critical infrastructure. By sharing challenges and recommendations learned from real-world attacks, the report enables security leaders to make more informed decisions. Organizations can leverage The Defender’s Advantage findings to continuously strengthen cyber defenses. The report is one way Mandiant supports…
How to Fix CVE-2023-26077(8)- Two Critical 0-Day Vulnerabilities in Atera Windows Installers?

Network Security, Pen Testing
Abuse of Windows software is very common. The sad news is that leaving the door open for attackers to abuse it is also very common. This usually happens for several reasons, among them lack of knowledge, poor security practices, ignoring security standards, and anything else that gives attackers a way to compromise a system. We will talk about one such instance in this post. Mandiant discovered two critical 0-day vulnerabilities in Atera Windows installer applications. The vulnerabilities are given the identifiers CVE-2023-26077 and CVE-2023-26078; however, their CVSS scores had not been determined at the time this post was published. The first flaw could allow attackers to execute arbitrary code as SYSTEM during the repair operation. The second flaw allows attackers to escalate privilege by spawning a command prompt window that further enables the attacker to perform tasks…
How to Secure Your Outlook from CVE-2023-23397- A Critical Elevation of Privilege Vulnerability in Outlook?

Pen Testing
It’s been a quarter now, but this critical Outlook vulnerability is still one of the hot topics in the security world. When this flaw was made public, many security firms, researchers, and threat hunters began working on it. Your guess is correct: we are talking about the critical Microsoft Outlook vulnerability tracked under the CVE ID CVE-2023-23397, a vulnerability that could be easily exploited by sending an Outlook message or calendar. Although it has been several weeks now, we still urge all Outlook users to secure Outlook from CVE-2023-23397; successful exploitation of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak. Let’s understand some technical details about the CVE-2023-23397 vulnerability, such as what CVE-2023-23397 is, how it works,…