Jim Manico

Happening tomorrow - Secure Software Development Attestation Webinar with Adam Winston of ActZero and Eric Matthews of Parabellyx Cybersecurity

9

🚀"The Identity Navigator" Podcast - New Episode Alert🚀 Episode Title: #17 Continuous Access Evaluation and Twosense - fascinating domain and a wonderful product Some call it continuous MFA, some call it continuous access evaluation, but it's starting to become part of the enterprise security. This can tie back into NIST, Zero Trust Architecture or in  PCI compliance.   It’s just not a different form of MFA, it is more then that and Twosense is leading that space. They can be found online at www.twosense.ai as well as on LinkedIn Tune in now and lets learn more about Continuous Access Evaluation 🎧🔍 https://lnkd.in/ePD9bnjV #TheIdentityNavigator #IAM #Podcast #TechTalk #identityandaccessmanagement #mfa #continuosaccessevaulation

37

1 Comment

Coalition, Inc. provides a unique perspective on cyber threats and trends in their 2024 Cyber Claims report, which reveals that over half of all cyber insurance claims in 2023 originated from email-related frauds like funds transfer fraud and business email compromise. The report also notes an increased risk from boundary devices such as firewalls and VPNs, with businesses using vulnerable devices like Cisco ASA and Fortinet being significantly more likely to file a cyber claim. Additionally, the report highlights an overall increase in the frequency and severity of cyber claims, including a significant rise in ransomware attacks and their associated costs. Blog: https://lnkd.in/eYixsgdA PDF: https://lnkd.in/enyRpnu3 Claims 2024 Download: https://lnkd.in/ecu_43zZ Threat Index 2024 Download: https://lnkd.in/eEhyFVtw #Coalition #cyber #risk #insurance #cybercrime #threat #CTI #threatintelligence #ransomware #exploits #cyberclaims

33

🔐 Introducing Cutting-Edge Remote Code Execution (RCE) and Zero-Day Exploits for Sale 🔐 We are excited to announce that Cosmo Exploit Group LLC is now offering advanced remote code execution (RCE) exploits and zero-day exploits for sale. *(These exploits are for government, military, private sector use only)* Please read our Legality Guide on our page. Prices vary starting at 1 Million USD and up for RCE's and Prices vary for Zero-Days. Unlike Zerodium, which purchases these exploits, we take pride in creating and discovering them in-house. Our dedicated team of cybersecurity professionals ensures that each exploit is meticulously developed and securely maintained. Our RCE and zero-day exploits cover various devices and platforms, providing unparalleled opportunities for organizations looking to bolster their security testing capabilities. By keeping these exploits locked away, we guarantee exclusivity and superior quality for our clients. 💼 Why Choose Cosmo Exploit Group LLC? In-House Expertise: Our team of experts develop and discover all exploits internally, ensuring high standards and reliability. Exclusivity: Our exploits are kept secure and exclusive to our clients, offering a unique edge in cybersecurity defense. Comprehensive Coverage: We offer exploits for a wide range of devices and platforms, catering to diverse security needs. 📩 Get in Touch Interested parties can reach out to us directly for more information and to discuss their specific requirements. Together, we can enhance your cybersecurity posture with the latest advancements in RCE and zero-day exploits. 🔍 #CyberSecurity #ZeroDayExploits #RCEExploits #InHouseDevelopment #CyberDefense #CosmoExploitGroup #AdvancedSecurity #CyberThreats #InformationSecurity Contact: https://lnkd.in/gyvVeU8M

1

This breach at #GlobeLife serves as a reminder that security isn't a one-time setup — it's a continuous process. Regular audits of access permissions and user identity management are essential. Orgs have to continuously evaluate their security posture to address vulnerabilities before they are exploited.

3

Imagine increasing the reliability, efficiency, and simplicity of your #appsec testing. Throughout my career helping clients successfully navigate the challenges of software security assurance, this question and concern regularly surfaces:   “Can't we make our app security testing more effective and affordable?” This directly reflects the challenges organizations face with application security. Balancing necessity with cost and other formidable impacts can seem impossible. With my expanding expertise paralleling technological advances, I confidently affirmed, 'Yes, there is a solution.' Driven by this belief, I established True Positives in 2020, offering businesses a streamlined and economical approach to navigating the complexities of web application security testing amidst a multitude of tools and a continually shifting threat landscape, even with limited resources. Our charter is to help alleviate the burden of balancing necessity with cost, providing a sense of reassurance and confidence in your application security. We help clients to: 📊  Boost assurance levels and trim costs with prescriptive strategies  ⚙️ Harness the power of the latest advancements in security automation tools. 💼 Optimize your purchasing potential through strategic sourcing techniques. 🛠️ Unlock the advantages of outsourced Application Security Testing (AST). Shoot me a message to learn more or to arrange to get solid outside advice or opinion. #owasp #datasecurity #dataprotection #webapplicationsecurity

7

Should threat modeling be left solely to the security team? We don't think so! Recently, Tanya Janca joined 😷 Adam Shostack, Izar Tarandach 🎗️ and Jason McDonald to discuss threat modeling for developers. Watch the full episode here: https://lnkd.in/grQFgAiZ CC: OWASP® Foundation

14

⚠️Medium Risk Vulnerability Alert⚠️: CVE-2024-28148 An authenticated user could potentially access metadata for a datasource they are not authorized to view by submitting a targeted REST API request.This issue affects Apache Superset: before 4.0.0. Users are recommended to upgrade to version 4.0.0, which fixes the issue. CVSSv3.1 Base Score: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) #apachesuperset #apisecurity #owasp https://lnkd.in/dwtnED6Y

9

Funds Transfer Fraud Tsunami - Hang on its going to get bad. I read a lot of cyber newsletters and information. This week - Hub Internationals newsletter stood out to me. They are a large Insurance brokerage that tracks insurance claims and cyber incidents. They were referencing the increase in funds transfer fraud that is tied to the enhanced ability for criminals to use AI and deepfakes in their attacks. Last year (2022 to 2023) they saw a 15% increase in FTF. We are at the beginning of a tsunami in increased fraud. I feel like a canary in a coal mine and and few are noticing that the canary is not singing anymore. #deepfake #training #cybertraining #Drip7 ----------------------------------- In one shocking real-life example, fraudsters used AI to create fake virtual images of finance leaders attending a multi-person video conference call. The result? A finance team leader sent $25 million to the scammers because the employee believed he was on a real video call with the company’s CFO and other senior employees. While most people say they’d never fall for such an obvious scam, the rise of AI technology is making it easier for cybercriminals to create elaborate “deepfake” schemes — and making it that much harder for people to distinguish the authentic from the deceptive. The prevalence of these scams — and the financial fallout — continues to rise. Many insurance carriers say funds transfer fraud now rivals ransomware as their top cyber claim. In 2023, funds transfer fraud (FTF) and business email compromise (BEC) made up 56% of all cyber claims. FTF increased 15% and claim severity rose 24% between 2022 and 2023, with losses averaging $275,000 per claim. With $2.9 billion in reported losses in 2023, business email scams were the second-costliest type of cybercrime behind investment scams.

12

The latest update for #Indusface includes "CVE-2024-27348 – A Critical RCE Vulnerability in Apache HugeGraph Server" and "15 Best #APISecurity Tools in the Market in 2024". #cybersecurity #infosec https://lnkd.in/euZhNK3x

1

"Hacking is simply the practical application of knowledge," says Kevin O'Connor, Director of Threat Research at Adlumin. His unique journey, from high school hacking to working for the NSA and now leading our Threat Research Team, is one worth noting 🚀 Read the full article as Kevin sits down with SecurityWeek's Kevin Townsend for Hacker Conversations: https://hubs.li/Q02tdhdm0

22

In my latest blog post, I discuss the role of weak fingerprinting signals in the context of bot and fraud detection. I use the example of language-related signals to illustrate how even signals that may look insignificant can be leveraged to detect inconsistencies introduced by bot frameworks and anti-detect browsers. https://lnkd.in/eZ2hcKeH

35

4 Comments

Context. We use this word a lot when referring to vulnerabilities but not so much when planning tests. Context in = context out Providing a decent tool/human with information such as change history & previously discovered vulnerabilities you are likely to see a higher quality in the vulnerabilities being reported.

5

Usually I'd summarise my thoughts here, but instead I'd like to put the question to all the pentesters in my network... How do you think additional context can make penetration testing more efficient?

3

7 Comments

I have fun writing unique intros for every episode of Application Security Weekly. Here's what I crafted for episode 283. ---- What if #appsec wrote aviation safety scripts? Welcome to flight ASW 283. The captain has turned on the password strength sign, which means that your password must meet an annoying list of requirements as this flight is not equipped for passkeys. There are several emergency exits on this aircraft. Take a moment to locate the exit nearest you, keeping in mind that the default choice is probably insecure. If there is a loss of cabin pressure, memory safety masks will drop down. To start the flow of code, pull the mask towards you. To tighten the fit, address all the web app vulns that have nothing to do with unsafe memory. In the unlikely event of a water landing, check beneath your seat for a top 10 list of aquatic dangers. Thank you. And please use caution when opening overhead dependencies, as contents may have shifted maintainers. ---- Check out this episode at https://lnkd.in/gnTj6RYW To find more of these intros, check out https://lnkd.in/gMHi9QRk

6