On March 29, 2022, a security researcher with the handle p1n93r disclosed a Spring Framework remote code execution (RCE) vulnerability, which was archived by vx-underground. This vulnerability, known as Spring4Shell, affects applications that use JDK v9 or above that run Apache Tomcat as the Servlet Container in a WAR package and use dependencies of the…
Read
Original post: https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/ Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are they occurring? While common issues are often leveraged, the mentality around them is…
Read
An organization’s overall security posture can be viewed from multiple different angles, such as technical assessments, program assessments, controls assessments, and risk assessments. A number of different frameworks for each of these assessment types exist, intended to help both technical teams as well as leadership organize security program building activities. Some of these include: Penetration…
Read
Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle…
Read
There is no denying that the COVID-19 pandemic is significantly impacting many people’s daily lives, with “social distancing” quickly being added to the social lexicon, schools closing, and events being canceled. Additionally, many businesses are rapidly moving to a remote and work from home model. While many organizations already have a large number of employees…
Read
Cuckoo is written in the programming language Python and utilizes multiple Python libraries. First step is to verify that these libraries are in place and up to date. Cuckoo’s Documentation does a good job of listing the commands, but can be confusing. The following will outline the commands needed to install Cuckoo and provide a…
Read
There are many different options for malware analysis sandboxes. Most involve submitting samples to an online sandbox and getting a report back. While for the most part this is great, the reports contain the basic information on the type of malware and if it has been seen before. BUT what if you want to know…
ReadSo much has been written on security versus compliance and continual compliance that it seems at times that discussing it is beating a dead horse. That being said, it is a dead horse that needs to be beaten, as we continuously come across situations where organizations find themselves in a mad dash to get into…
Read
Too often organizations spend their security budget in ways that don’t necessarily make the most sense for them. Whether this be purchasing unnecessary appliances or securing an overly broad area, wasting valuable and often scarce security dollars isn’t good for anyone, except perhaps those providing the unnecessary services. A risk assessment, as the name suggests,…
Read