New knowledge base compiles Microsoft Configuration Manager attack techniques
“As with most 30-year-old technologies, Configuration Manager was not designed
with modern security considerations,” the SpecterOps researchers said in a blog
post announcing the new resource. “Many of its default configurations enable
various components of its attack surface. Couple that with the inherent
challenges of Active Directory environments and you have a massive attack
surface suffering from a combined 55 years of technical debt.” The researchers
claim they’ve encountered Configuration Manager deployments in almost every
Active Directory environment they’ve investigated, a testament to the utility
and popularity of the platform which allows admins to deploy applications,
software updates, operating systems and compliance settings on a wide scale to
servers and workstations. ... One of the most common insecure configurations for
Configuration Manager encountered by SpecterOps is an overprivileged network
access account, one of the many accounts that SCCM uses for its
various tasks. “We (very) commonly find the network access account to be
configured as the client push installation account (local admin on all clients),
SCCM Administrator, or even domain administrator,” the researchers said.
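The excerpt above describes the risk but not how to check for it. The following PowerShell script is an added example written for this digest, not code from SpecterOps or Microsoft: given the SAM account name that an administrator has configured as the network access account, it resolves the account's effective (nested) group membership through the LDAP_MATCHING_RULE_IN_CHAIN filter and flags membership in the built-in privileged groups. The account name and the list of privileged groups are parameters the operator supplies; the example assumes the ActiveDirectory module is installed on the host it runs from.

```powershell
<#
  Added example (not from the SpecterOps post): audit the account configured as the
  Configuration Manager network access account (NAA) for privileged group membership.
  Assumes the ActiveDirectory PowerShell module is available. The account name and the
  privileged-group list are supplied by the operator; the defaults are illustrative.
#>
param(
    [Parameter(Mandatory = $true)]
    [string]$NaaSamAccountName,   # hypothetical example value: 'svc_sccm_naa'

    # Groups in which a low-privilege service account such as the NAA should never appear.
    [string[]]$PrivilegedGroups = @(
        'Domain Admins', 'Enterprise Admins', 'Schema Admins',
        'Administrators', 'Account Operators', 'Server Operators'
    )
)

Import-Module ActiveDirectory -ErrorAction Stop

# Resolve the account; a missing account is itself a finding worth surfacing.
$naa = Get-ADUser -Identity $NaaSamAccountName -Properties DistinguishedName, Enabled, PasswordLastSet

# LDAP_MATCHING_RULE_IN_CHAIN (OID 1.2.840.113556.1.4.1941) walks nested membership,
# so a group reached through several layers of nesting is still reported.
$filter = "(member:1.2.840.113556.1.4.1941:=$($naa.DistinguishedName))"
$effectiveGroups = Get-ADGroup -LDAPFilter $filter | Select-Object -ExpandProperty Name

# Intersect effective membership with the privileged-group list (case-insensitive).
$findings = $effectiveGroups | Where-Object {
    $name = $_
    $PrivilegedGroups | Where-Object { $_ -ieq $name }
}

[pscustomobject]@{
    Account            = $naa.SamAccountName
    Enabled            = $naa.Enabled
    PasswordLastSet    = $naa.PasswordLastSet
    EffectiveGroups    = ($effectiveGroups -join ', ')
    PrivilegedGroups   = ($findings -join ', ')
    Overprivileged     = [bool]$findings
}
```

Run it as `.\Check-NaaPrivilege.ps1 -NaaSamAccountName svc_sccm_naa` (the file and account names are placeholders). A result with `Overprivileged = True` corresponds to the misconfiguration the researchers describe and is a cue to move the NAA to a dedicated, least-privilege account. Note the script only inspects domain group membership: whether the same account is also used as the client push installation account, or holds local Administrators membership on clients, has to be confirmed in the Configuration Manager console and on the endpoints respectively.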
The IaC Weight on DevOps’ Shoulders
On the one hand, distributing the IaC load lessens the burden on the DevOps
teams, but the downside is that it becomes difficult to understand which
resources are actually in use and which have been temporarily created for
testing purposes. With many owners creating resources on demand, once they are
no longer needed, these leftovers create confusion around dependencies and make
cloud platforms disorganized and difficult to maintain. Just like enabling more
hands to touch IaC creates greater sprawl and disorder, more users with less
governance invite careless sprawl in terms of costs as well. This often results
in duplicate and unused resources accumulating, wasting budgets that are
currently tight, and every penny counts. With a lack of automation and
oversight, environments grow messy and expensive. The sprawl issues can also
impact security, as expanding permissions raises valid security concerns that
are intensified when clouds become disorganized and difficult to maintain.
Well-intentioned developers may misconfigure resources or expose sensitive
systems, and without proper methods to manage drift or misconfiguration, this
can pose real risks to organizations and systems. Another important aspect that
also increases with less oversight is intentional insider risk.
How Observability Is Different for Web3 Apps
Many blockchain networks impose a fee for every transaction relayed over the
network and successfully written to the blockchain. On the Ethereum network,
for example, this fee is known as gas. As a result, it is critical that you
not only monitor the functionality of your Web3 dApp but also pay close
attention to the economic efficiency of it. Transactions that are
unnecessarily large or too many transactions increase the cost of running your
Web3 dApp. ... Decentralized applications rely heavily on smart contracts. A
smart contract refers to a self-executing program deployed on a blockchain and
executed by the nodes that run the network. Web3 dApps depend upon smart
contracts for their operations. They serve as the “backend logic” of the dApp,
running on the “server” (blockchain network). The operations executed by a
smart contract often incur transaction fees. These fees are used to compensate
the nodes that run the blockchain network for the computational power they
provide to run the smart contract code. Additionally, smart contracts often
handle sensitive operations like releasing or receiving funds in the form of
cryptocurrency.
10 Cloud Security Best Practices 2024: Expert Advice
Digital supply chain security must be at the top of every company’s agenda as
organizations increasingly work with third and fourth parties to drive
innovation, said Nataraj Nagaratnam, IBM Fellow and CTO for Cloud Security at
IBM. Modern enterprises require a vast array of hybrid and multi-cloud
environments to support data storage and applications, he said. While industry
cloud platforms with built-in security and controls are already helping
enterprises within regulated industries de-risk the digital supply chain,
including protecting banks and the vendors they transact with, organizations
will need to continue to be diligent. Cloud security services can help reduce
risk and enhance the compliance of cloud environments. He told Techopedia:
“Enterprises must take a holistic approach to their hybrid cloud cybersecurity
strategies by adopting risk management solutions that can help them gain
visibility into third- and fourth-party risk posture while achieving
continuous compliance.” Enterprise technology analyst David Linthicum added
that it’s important for companies to vet and monitor third-party cloud service
providers to ensure they meet security standards and align with the
organizations’ requirements.
Data Governance Coaching: A Newcomer's Journey As A Data Manager
Companies are increasingly recognizing the importance of reliable data for
informed decision-making. At the heart of this transformation are individuals
like me, new data managers tasked with overseeing specific data domains within
the enterprise. The foundational element of this data-driven shift lies in the
role concept, a framework that identifies and nominates data managers based on
their skills, knowledge, and passion for data. Despite their different
expertise and company affiliations, this group has a common goal – to ensure
high-quality data within their respective responsibility areas. Tackling an
initial use case within our data domain is crucial to embark on this journey
successfully. ... The narrative of a data manager’s journey in a
forward-thinking company emphasizes continuous growth through data governance
coaching. A comprehensive approach, including training, use case
implementation, and ongoing support, is successfully operationalizing data
managers. Past insights stress the importance of the close link between
business processes and data management, the seamless identification of data
managers, the operational-level conceptualization, and the recognition of
varied data domains.
Building a Sustainable Data Ecosystem
While data sharing is essential for advancing generative AI technology, it
also presents significant challenges, particularly regarding privacy,
security, and ethical use of data. As generative AI models become increasingly
sophisticated, concerns about potential misuse, unauthorized access, and
infringement of individual rights have grown. Developing sustainable policy
frameworks is crucial to address these challenges and ensure that generative
AI technology is deployed responsibly and ethically. Effective policies can
establish guidelines and standards for data-sharing practices, promote
transparency and accountability, and mitigate risks associated with privacy
violations and misuse of generated content. Moreover, robust policy frameworks
can foster stakeholder trust, encourage collaboration, and contribute to
generative AI technology's long-term sustainability and advancement.
Generative AI is a subset of artificial intelligence focused on creating new
content that mimics or resembles human-generated content, such as images,
text, or sound. This is achieved through machine learning techniques,
including deep learning algorithms such as Generative Adversarial Networks
(GANs), Variational Autoencoders (VAEs), and transformers.
Why Are There Fewer Women Than Men in Cybersecurity?
The tech industry, including cybersecurity, has been rightly criticized for
its "bro culture," which can be unwelcoming and even hostile to women. This
culture is characterized by practices and attitudes that devalue women's
contributions, overlook them for promotions and challenging projects, and
subject them to harassment and discrimination. The recent surge in employee
population growth from other cultures, many of which are used to the
devaluation of women outside of the workforce, doesn’t translate well or do
anything reformative. Such an environment not only discourages women from
remaining in the field but also dissuades others from entering it. The
underrepresentation of women in cybersecurity is also self-perpetuating due to
the lack of visible female role models in the field. Women considering a
career in cybersecurity often find few examples of successful female
professionals to inspire them. This lack of visibility contributes to the
misconception that cybersecurity is not a viable or welcoming career path for
women. The absence of female mentors and role models means that aspiring women
in cybersecurity lack guidance, support and networking opportunities that are
crucial for career development and advancement in any and all fields.
Answers for the IT Skills Gap
One effective strategy is to deploy autonomous automation into your enterprise
storage infrastructure, so it reduces the level of complexity, thereby
decreasing the dependence on specialized IT skills that are becoming harder to
find. With the power of autonomous automation, an admin can manage petabytes
of storage easily and cost effectively. ... A complementary strategy is to
automate the technical support process through Artificial Intelligence for IT
Operations (AIOps). AIOps supports scalable, multi-petabyte
storage-as-a-service (STaaS) solutions, enabling enterprises to simplify and
centralize IT operations and improve cost management. ... A third strategy for
shortening the gap is through storage consolidation. We have a $20 billion
enterprise customer that went from 27 storage arrays from three different
vendors to only four arrays. A Fortune 100 customer dramatically reduced their
storage infrastructure, going from 450 floor tiles to only 50 floor tiles
running all the same applications and workloads. This consolidation had many
benefits, but one of the key ones was reducing the need for IT manpower. You
don’t need such high-level skills with years of experience when the need for
IT resources has been streamlined.
6 CISO Takeaways From the NSA's Zero-Trust Guidance
After tackling any other fundamental pillars, companies should look to kick off
their foray into the Network and Environment pillar by segmenting their
networks — perhaps broadly at first, but with increasing granularity. Major
functional areas include business-to-business (B2B) segments, consumer-facing
(B2C) segments, operational technology such as IoT, point-of-sale networks,
and development networks. After segmenting the network at a high level,
companies should aim to further refine the segments, Rubrik's Mestrovich says.
"If you can define these functional areas of operation, then you can begin to
segment the network so that authenticated entities in any one of these areas
don't have access without going through additional authentication exercises to
any other areas," he says. "In many regards, you will find that it is highly
likely that users, devices, and workloads that operate in one area don't
actually need any rights to operate or resources in other areas." Zero-trust
networking requires companies to have the ability to quickly react to
potential attacks, making software-defined networking (SDN) a key approach to
not only pursuing microsegmentation but also to lock down the network during a
potential compromise.
The Role of Enterprise Architecture in Business Transformation
In the context of strategy management, tools such as strategic roadmaps and
business model canvases can support in planning and communicating the business
objectives of your organization. To put the strategy into execution,
businesses need to organize their resources – people, process, information and
technologies – into a composable set of capabilities. These are usually
documented in the form of a business capability map. To provide an overview of
the available and required resources, portfolios such as process portfolio,
application portfolio management, data catalogue and technology radar need to
be in place. One or more capabilities are described in operating models. Here,
organizations define how the elements of the portfolio are connected to
realize the said capabilities. By analysing capability maturity, data quality,
and technology fitness, strategic gaps are identified and roadmaps for
implementation and transformation are specified to close these gaps. ... EA
can serve many initiatives and therefore many stakeholders in your
organization. However, no matter how convenient and simple EA can be, we
cannot expect everyone to be familiar with every aspect of EA, nor with the
modeling languages that are used to implement it.
Quote for the day:
"Leadership means forming a team and working toward common objectives that are tied to time, metrics, and resources." -- Russel Honore