Get Ahead of
Cyber Threats
Newsletter

The Fletch Press: Rejecting “BlackBox” Security

Reading time: 5 min

Hi there,

It’s no secret that security today isn’t up to standard.

It’s unreliable, too expensive, lacks transparency into how the technology works, and many business leaders have difficulty understanding the value of cybersecurity and finding justification for its cost.

We’re thrilled to have had Kevin Qiu, Director of Information Security at SafeBase and Founder of TechEx (a coalition of security experts who build security programs from scratch for businesses), on with our CEO Grant Wernick to chat about the upgrades needed to turn the industry around. (Hint: startups have the opportunity to commit to securing companies regardless of their size and to pave the way toward a new mindset and collective openness to security.)

 

More You Should Know

Accessibility to security is urgently needed by small and medium-sized businesses (SMBs) now more than ever, as they make up an alarming 48% of all cyberattack victims. 

Proactively monitoring your environment for compromised accounts reduces the risk of insider threats that can incite an attack. Most of these threats are external hackers who take over employee accounts to seize data. The 3 types of insider threats are (1) inadvertent, (2) malicious, and (3) third-party.

A few examples of red-flag behaviors to look out for:

  • A user logging in at unusual times or locations
  • A user logging into systems they don’t normally touch
  • A user asking for, giving, or receiving elevated credentials 
  • A user downloading files at a much higher rate than usual
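
The red-flag behaviors above can be checked mechanically against a per-user baseline. The following is an added example, not Fletch's code: it runs over constructed events, and the event fields, the `priv_grant` event kind, and the thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

def ev(ts, user, kind, system, country="US", files=0):
    return {"ts": datetime.fromisoformat(ts), "user": user, "kind": kind,
            "system": system, "country": country, "files": files}

# Constructed data, assumed field names. Baseline: alice uses "crm" ~09:00, 20 files/day.
BASELINE = [ev(f"2021-08-0{d}T09:15:00", "alice", "login", "crm") for d in range(2, 7)] \
         + [ev(f"2021-08-0{d}T10:00:00", "alice", "download", "crm", files=20) for d in range(2, 7)]
NEW = [  # constructed: one normal login, then a takeover-like run ("XX" = unseen country)
    ev("2021-08-09T09:20:00", "alice", "login", "crm"),
    ev("2021-08-10T03:05:00", "alice", "login", "payroll-db", "XX"),
    ev("2021-08-10T03:10:00", "alice", "priv_grant", "payroll-db", "XX"),
    ev("2021-08-10T03:30:00", "alice", "download", "payroll-db", "XX", files=900),
]

def build_profile(events):  # per-user baseline: hours, countries, systems, download counts
    prof = defaultdict(lambda: {"hours": set(), "countries": set(), "systems": set(), "files": []})
    for e in events:
        u = prof[e["user"]]
        u["hours"].add(e["ts"].hour)
        u["countries"].add(e["country"])
        u["systems"].add(e["system"])
        if e["kind"] == "download":
            u["files"].append(e["files"])
    return prof

def red_flags(e, prof, hour_slack=2, rate_factor=5):
    u = prof.get(e["user"])
    if u is None:
        return ["no-baseline"]  # unknown account: nothing to compare against
    hr = e["ts"].hour  # circular distance, so 23:00 and 01:00 are two hours apart
    gap = min(min(abs(hr - h), 24 - abs(hr - h)) for h in u["hours"])
    checks = [
        ("unusual-time", gap > hour_slack),
        ("unusual-location", e["country"] not in u["countries"]),
        ("unfamiliar-system", e["system"] not in u["systems"]),
        ("elevated-credentials", e["kind"] == "priv_grant"),
        ("download-spike", e["kind"] == "download" and bool(u["files"])
                           and e["files"] > rate_factor * mean(u["files"])),
    ]
    return [name for name, hit in checks if hit]

def triage(baseline, new):  # (event kind, flags) for every new event that raises a flag
    prof = build_profile(baseline)
    return [(e["kind"], f) for e in new if (f := red_flags(e, prof))]

if __name__ == "__main__":
    print(*triage(BASELINE, NEW), sep="\n")
```

An exact-match baseline like this one is noisy for users who travel or change roles, so the flags are best used as triage signals that stack up on one account rather than as alerts on their own.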

If you have a compromised employee account, you can change the employee’s credentials and educate them and the rest of your user population on security (there are free and paid courses online). In the event of a bad actor, you can shut down the user’s access. For sophisticated teams, honeypot traps are ideal for understanding motive and source.


When it’s too late and you’ve been breached...

Post-cyber attack crisis management requires a special kind of crisis communication. 5 ways to know for sure you’re ready to address the public: 

  1. Include a senior communications team member in your cyber incident response team to bridge the gap between IT, legal, the C-suite, and outside partners
  2. Carefully vet communications to avoid further inciting threat actors 
  3. Keep up to date with compliance and reporting requirements
  4. When it comes to how you respond, prioritize accuracy, not speed
  5. Implement a cloud-based communication system to contact stakeholders in case primary channels are impacted during a cyber attack


 

Emerging Threats

These are a couple of the latest threats in the news. With our continuous Emerging Cyber Threat Analysis, you can find out for free whether you are vulnerable or compromised, to what extent, and what to do next.

  • Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed
  • CISA Warns Admins to Urgently Patch Exchange ProxyShell Bugs

Cisco will not patch a critical vulnerability in Cisco Small Business Routers as the devices reached end-of-life in 2019. 

The vulnerability: CVE-2021-34730 (CVSS score: 9.8)

The issue is located in the routers’ Universal Plug-and-Play (UPnP) service and enables attackers to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of incoming UPnP traffic. It can be abused by sending a special UPnP request to an affected device, resulting in remote code execution as the root user on the underlying operating system.

Products impacted:

  • RV110W Wireless-N VPN Firewalls
  • RV130 VPN Routers
  • RV130W Wireless-N Multifunction VPN Routers
  • RV215W Wireless-N VPN Routers

Cisco recommends that customers disable UPnP on the LAN interface.

The US Cybersecurity and Infrastructure Security Agency (CISA) urged admins to patch on-premises Microsoft Exchange servers against actively exploited ProxyShell vulnerabilities. 

Over the weekend, CISA posted:

“Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207.” 

Organizations are strongly advised to identify vulnerable systems on their networks and immediately apply Microsoft’s Security Update from May 2021. The update remediates all 3 ProxyShell vulnerabilities and would prevent potential attacks. 

The following 3 flaws (patched in April and May) were discovered during a hacking contest by Devcore security researcher Orange Tsai:

CVE-2021-34473 - Pre-auth path confusion leads to ACL Bypass (Patched in April by KB5001779)

CVE-2021-34523 - Elevation of privilege on Exchange PowerShell backend (Patched in April by KB5001779)

CVE-2021-31207 - Post-auth Arbitrary-File-Write leads to RCE (Patched in May by KB5003435)

 

Fletch Announcements/Updates

Sign up today for free access to Fletch! We are committed to democratizing access to critical answers that help security teams get ahead of cybercriminals. As part of our mission, we are offering our first two solutions for FREE so you can quickly get answers to questions like: 

  • What cyber threats in the news today impact your environment? 
  • Are any of your resources vulnerable or compromised? 
  • If so, to what extent? 
  • Are any user accounts at your company acting abnormally? 
  • Are they a security risk? 
  • If there really is a threat, what should you do next? 

Start getting answers to the most common cybersecurity questions and gain peace of mind! The demand for our two solutions has grown tremendously, and we follow a first-come, first-served model.
