Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Snapshot: Insights on Log4Shell, the Metaverse, IoT, Pig Butchering, Active Directory

Cybersecurity Snapshot: Insights on Log4Shell, the Metaverse, IoT, Pig Butchering, Active Directory

Get the latest on Log4Shell’s global remediation status; the need for metaverse security rules; a shutdown of “pig butchering” domains; tips for secure IoT products; an informal poll about AD security; and more! 

Dive into six things that are top of mind for the week ending Dec. 2.

1 - Tenable: 72% of organizations still vulnerable to Log4Shell

Tenable this week provided an eye-opening reality check into the global remediation status of the Log4Shell vulnerability. To assess the scope and impact of Log4Shell – discovered almost a year ago – Tenable’s Research team conducted a telemetry study based on data collected from over 500 million tests and found that as of October 1, 2022:

  • 72% of organizations remain vulnerable to Log4Shell.
  • After being fully remediated, 29% of vulnerable assets saw the reintroduction of Log4Shell.
  • Among North American organizations, 28% have fully remediated, followed by Europe, Middle East and Africa (27%); Asia-Pacific (25%); and Latin America (21%).

Tenable: 72% of organizations still vulnerable to Log4Shell

These results show how difficult it is to attain full remediation for this pervasive vulnerability in the ubiquitous Log4j component, and serves as a reminder that vulnerability remediation isn’t a “one and done” effort, Tenable Chief Security Officer Bob Huber said. 

“Eradicating Log4Shell is an ongoing battle that calls for organizations to continually assess their environments for the flaw, as well as other known vulnerabilities,” Huber said.

For more information, read Tenable’s press release. You can find more coverage and analysis about the findings at TechTarget, Security Week, Inside Cybersecurity, BetaNews and ISSSource.

For more guidance on Log4j, check out:

2 - CISA beefs up critical infrastructure resilience plan

CISA has updated its Infrastructure Resilience Planning Framework (IRPF), which it first released in 2021 to help state, local, tribal and territorial governments draft better plans for protecting their critical infrastructure assets – both digital and physical.

CISA beefs up critical infrastructure resilience plan
“Because so much of a community’s physical infrastructure is now controlled, in whole or in part, by computers and connected through the internet, planning should consider sound policies and procedures for incorporating cybersecurity improvements into the infrastructure development lifecycle,” reads the document.

For more information about the cybersecurity of critical infrastructure, industrial control systems (ICS) and operational technology (OT):

3 - U.S. seizes “pig butchering” domains used to steal millions

The U.S. Attorney’s Office for the Eastern District of Virginia has taken down seven domains used by cyber criminals in so-called “pig butchering” scams where five victims lost $10 million in recent months.

In these social engineering long cons, fraudsters contact victims via digital channels, such as social media platforms, text messages and dating apps, patiently lure them into a false romantic relationship and then dupe them into handing over money.

Five people in the U.S. were victimized using these seven domains, which spoofed domains of the Singapore International Monetary Exchange as part of a ploy to convince the victims to invest in a non-existent cryptocurrency opportunity.

In October, 11 people were arrested for allegedly participating in “pig butchering” scams in which more than 200 victims were defrauded of almost $18 million.

For more information about “pig butchering” scams:

4 - A temperature check on Active Directory security

As the primary method for user authentication and authorization for 90% of the Fortune 1000, Microsoft’s Active Directory (AD) remains a prime target for cyber attackers. At a recent Tenable webinar, we polled attendees about their approach to AD security, as well as their challenges and priorities. Check out the results below.

What's your approach to Active Directory security?

(126 webinar attendees polled by Tenable, November 2022)

What's your biggest Active Directory security challenge?
(115 webinar attendees polled by Tenable, November 2022)

What are your Active Directory security priorities?

(117 webinar attendees polled by Tenable, November 2022)

For more information about AD security, check out these Tenable resources:

5 - Study: Community guidelines urgently needed in the metaverse

Although the metaverse is still in its early stages, many people already are enthusiastically participating in the immersive experiences of social virtual reality (VR), creating an urgent need for metaverse platforms to establish clear community guidelines.

That’s according to the white paper “A Secure and Equitable Metaverse” from the University of California’s UC Berkeley Center for Long-Term Cybersecurity (CLTC,) which looks at user interactions in social VR, including instances of hate and harassment, reviews existing community guidelines and offers recommendations.

Community security guidelines urgently needed in the metaverse

The guidelines, according to the study, should be:

  • Accessible, meaning they’re clear and easy to understand
  • Comprehensive, in that they should outline “broad, high-level principles” along with more specific “mid-level policies” addressing categories of online harm
  • Specific, meaning they should detail what constitutes violations
  • Transparent, so that they clearly explain the rationale and values behind the rules and policies

To get all the details, read a blog about the white paper and the full 74-page document.

For more information about metaverse cybersecurity:

6 - Tips for building more secure IoT products

Security has often been an afterthought when designing and developing internet of things (IoT) devices and systems, making many of them notoriously vulnerable to cyber attacks. Now the Cloud Security Alliance has identified key security challenges faced by makers of IoT products along with recommendations for overcoming them. Here’s a sampling of CSA’s guidance:

  • Because attackers can easily reverse-engineer IoT products to discover their vulnerabilities, IoT vendors should design them so that they automatically install firmware and software updates that fix critical security flaws.
  • Foster an awareness of the importance of security by training developers in IoT security, as well as create a framework for threat modeling the products.
  • When choosing technologies to build IoT products, take into account not only performance criteria but also security, and take advantage of security features offered by IoT components.

Tips for building more secure IoT products
For more information about IoT security:

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Promotional pricing extended until February 28th.
Buy a multi-year license and save more.

Add Support and Training