Tuesday, April 13, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Common Security Misconfigurations and Their Consequences

December 21, 2020
in Internet Privacy
Common Security Misconfigurations and Their Consequences
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Everyone makes mistakes. That one sentence was drummed into me in my very first job in tech, and it has held true since then. In the cybersecurity world, misconfigurations can create exploitable issues that can haunt us later – so let’s look at a few common security misconfigurations.

The first one is development permissions that don’t get changed when something goes live. For example, AWS S3 buckets are often assigned permissive access while development is going on. The issues arise when security reviews aren’t carefully performed prior to pushing the code live, no matter if that push is for the initial launch of a platform or for updates.

You might also like

BRATA Malware Poses as Android Security Scanners on Google Play Store

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

What Does It Take To Be a Cybersecurity Researcher?

The result is straight-forward; a bucket goes live with the ability for anyone to read and write to and from it. This particular misconfiguration is dangerous; since the application is working and the site is loading for users, there’s no visible indication that something is wrong until a threat actor hunting for open buckets stumbles upon it.

Careful security reviews of all applications and sites before they get pushed to the live environment – both for initial launch and for update cycles – are critical in catching this type of misconfiguration. Each bucket should be checked to ensure that it has the least viable permissions set on it to allow the platform to work, and nothing more.

On the non-cloud side of the house, one of the most common misconfigurations is not enforcing Group Policy, anti-malware, and other centralized management rules and updates. Laptops that rarely ever connect directly to a company network may go for months without getting these critical changes, leaving them undefended as the security landscape changes.

One common example is a laptop that has been roaming for an extended period. Such a laptop may not be permitted to receive Active Directory Group Policy updates when it isn’t on a VPN or other secured connection, which would lead to its GPO’s becoming out of date over time. This means that prohibited actions or operations may be possible on such a laptop, leaving the protected network exposed when that device finally does connect in such a way that it once more has access to protected resources.

The fix for this is to ensure that devices with access to organizational resources must accept organizational management changes. Tools like AzureAD and de-centralized anti-malware platforms can allow remote devices to receive updates securely. HTTPS connectivity is generally enough for these tools to push updates and enforce policy changes.

Using distributed device management ensures that they are kept in-line with policy, even devices that are only used to access cloud-available resources, like Office365, and do not directly connect to the organization’s protected networks regularly.

Many such tools – especially things like anti-malware systems – don’t even require that the device be managed by Mobile Device Management platforms. This means that even if the device is not otherwise “owned” by the organization, it can still be kept up to date and protected.

While we’re on the subject of remote workers, there is another misconfiguration that occurs with regularity. VPN systems allow remote workers to access company data safely, but a large number of VPN clients default to an insecure configuration out-of-the-box. Split-tunnel VPN configurations route user traffic over the secure network only when protected systems are being accessed but send all other traffic directly to the Internet.

This means that when a user attempts to reach a file server, they do so over the VPN, but a call to Salesforce goes over the unprotected Internet. While this benefits performance, the problem it creates is that a user’s device may create a bridge between the outside world and the internal network. With a bit of social engineering, a threat actor can create a persistent connection to the user’s device and then leverage that user’s VPN tunnel to break into the protected network.

The vast majority of VPN clients support single-tunnel configurations. This means that while the VPN is active, all traffic will route through organizational networks – including traffic destined for external sources. It also means that all traffic will also be subject to the same controls as traffic that is originating from users directly connected to the protected networks.

While misconfigurations can happen very easily, they pose a clear threat to the organization’s security. Taking the time to review security when tools are pushed to live or updated can catch such misconfigurations.

Additionally, companies can deploy continuous security validation tools that continuously challenge and asses digital environments in much the same way as a threat actor does to discover misconfigurations rapidly.

Combining these two approaches of reviews and continuous security validation adds some complexity to projects but is worth every moment spent on ensuring that things are configured adequately at every step of the way.

For more information, visit www.cymulate.com and register for a Free Trial.


Credit: The Hacker News By: noreply@blogger.com (The Hacker News)

Previous Post

Do Citizen Data Scientists Need Special Analytics Tools?

Next Post

Your browser history could soon be a part of your credit score

Related Posts

BRATA Malware Poses as Android Security Scanners on Google Play Store
Internet Privacy

BRATA Malware Poses as Android Security Scanners on Google Play Store

April 13, 2021
Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data
Internet Privacy

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

April 13, 2021
What Does It Take To Be a Cybersecurity Researcher?
Internet Privacy

What Does It Take To Be a Cybersecurity Researcher?

April 12, 2021
Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021
Internet Privacy

Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

April 12, 2021
Hackers Tampered With APKPure Store to Distribute Malware Apps
Internet Privacy

Hackers Tampered With APKPure Store to Distribute Malware Apps

April 10, 2021
Next Post
Your browser history could soon be a part of your credit score

Your browser history could soon be a part of your credit score

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

These new vulnerabilities put millions of IoT devices at risk, so patch now
Internet Security

These new vulnerabilities put millions of IoT devices at risk, so patch now

April 13, 2021
BRATA Malware Poses as Android Security Scanners on Google Play Store
Internet Privacy

BRATA Malware Poses as Android Security Scanners on Google Play Store

April 13, 2021
6 Limitations of Desktop System That QuickBooks Hosting Helps Overcome
Data Science

6 Limitations of Desktop System That QuickBooks Hosting Helps Overcome

April 13, 2021
ANZ Bank: We’ve been using machine learning for 20 years
Machine Learning

ANZ Bank: We’ve been using machine learning for 20 years

April 13, 2021
Apple looking to close the gap between web and app privacy
Internet Security

Who do I pay to get the ‘phone’ removed from my iPhone?

April 13, 2021
Robust Artificial Intelligence of Document Attestation to Ensure Identity Theft
Data Science

Robust Artificial Intelligence of Document Attestation to Ensure Identity Theft

April 13, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • These new vulnerabilities put millions of IoT devices at risk, so patch now April 13, 2021
  • BRATA Malware Poses as Android Security Scanners on Google Play Store April 13, 2021
  • 6 Limitations of Desktop System That QuickBooks Hosting Helps Overcome April 13, 2021
  • ANZ Bank: We’ve been using machine learning for 20 years April 13, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates