Iftach Ian Amit

Download Pentera Labs Report - revealing three new critical injection points in the ingress-nginx controller, building on Wiz’s IngressNightmare CVE. These overlooked vulnerabilities could let attackers hijack traffic, spoof headers, or reach unauthorized backend services - They exist in one of the most widely used ingress controllers in Kubernetes, putting countless environments at risk. This research highlights how small misconfigurations can lead to major exposure in modern cloud-native architectures. What’s Inside: ✅ 3 new injection vulnerabilities in ingress-nginx ✅ How attackers find and exploit CVEs in open source ✅ Actionable tips to secure your Kubernetes environment https://lnkd.in/eHtX6EdP

6

1 Comment

Here’s a pattern I’m seeing more often: More sites. More assessments. More reporting expectations. Same headcount. Security teams are being asked to scale output without scaling structure. So what happens? Assessments become episodic. Reporting takes too long. Prioritization becomes subjective. And leaders spend more time translating risk than reducing it. This isn’t a capability issue. It’s an architecture issue. At some point, physical security has to operate with the same operational discipline as finance and IT. Otherwise it stays in permanent catch-up mode. For security people overseeing medium to large portfolios (20+ sites): What’s currently your biggest bottleneck volume, visibility, or validation? And why do you think this is?

5

1 Comment

After lengthy late-night discussions with Cédric Bonhomme on sightings and KEV formats, we produced a first draft of a generic format for Known Exploited Vulnerabilities (KEV).  Initially, we considered extending GCVE BCP-05 using the CVE Record format. However, we ultimately concluded that it may be more appropriate to define a standalone format, allowing sources to publish their KEV data independently. Feel free to comment on the discourse link below. KEV Assertion Format – Draft Specification (potential BCP?) This format describes a generic KEV (Known Exploited Vulnerability) assertion format. The goal is to express who claims exploitation, when, based on what, where it was observed, and with which level of confidence, without turning KEV into full threat intelligence. A KEV assertion is usually very binary and lacking some meta-information. The format adds some information which could better capture details about the exploitation. A majority of the fields are optional except vulnerability, status and evidence.[].source which are recommended. 🔗 https://lnkd.in/eaBUFXie GCVE-EU CIRCL (Computer Incident Response Center Luxembourg) CVE Program

145

11 Comments

Detection rules aren’t set-and-forget. Map them to MITRE ATT&CK tactics to track coverage & gaps. Start with crafting, then testing, deploying, and tuning—repeat. It’s a cycle that turns alerts into actionable intel. Stay sharp, stay ahead. 🔍 #CyberDefense #MITREATTACK

1

🚨 Just released: Corero’s 2025 Threat Intelligence Report 🚨 DDoS atacks are no longer just big floods.They're frequency, evasion, and protocol pivoting. Key insights: • 11 attacks/day avg. in 2024 • Mid-size attacks declining • Multi-vector attacks on the rise Read the release: https://bit.ly/44kLkn0

15

Most security teams run on a dozen different tools. Crisis detection systems, notification feeds, GSOC dashboards, case management systems, travel risk management platforms, risk models, and site assessment systems. The list goes on. Each one needs location threat intelligence, but few actually have it. That's the problem we built our API to solve. Customers have been loving our API since it was first released, and the use cases keep expanding. Today we're making it official with a dedicated API page on our site that breaks down exactly how security teams integrate Base Operations into their existing tech stack. Here's what it enables: 𝗚𝗦𝗢𝗖 𝘁𝗵𝗿𝗲𝗮𝘁 𝗺𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴. Feed BaseScore and detailed threat breakdowns directly into your operations center. Your analysts get standardized risk context for every location they monitor without switching tools. 𝗖𝘂𝘀𝘁𝗼𝗺 𝗿𝗶𝘀𝗸 𝗺𝗼𝗱𝗲𝗹𝗶𝗻𝗴. Our API provides BaseScore and 16 standardized threat categories at sub-mile granularity. So you can build crime and unrest threats directly into your risk model across every location. 𝗧𝗿𝗮𝘃𝗲𝗹 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗱𝘂𝘁𝘆 𝗼𝗳 𝗰𝗮𝗿𝗲. Connect local threat data to your travel management platform so you implement policies effectively and provide recommendations to your people. 𝗦𝗶𝘁𝗲 𝗮𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 𝗮𝗻𝗱 𝗽𝗼𝗿𝘁𝗳𝗼𝗹𝗶𝗼 𝗺𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴. Query and compare threat profiles for any location across 5,000+ cities using the same consistent methodology. Most teams complete integration in 5-30 days. No rebuilding your stack. No 12-month data engineering projects. One REST API that connects once and feeds local intelligence everywhere it's needed. Check out the full API page to explore endpoints, specs, and use cases: https://lnkd.in/endwHPcT

21

2 Comments

Most security teams think they need better tools. What they really need is better understanding of the tools they already have. SIEM. EDR. Threat intelligence. Dashboards. Tickets. All producing data. Very little producing clarity. This is the gap CyberFuse and SecLM solve. Your SOC does not need more tools. It needs better understanding. www.cyberfuse.net #CyberFuse #SecLM #SOCFusion #CISO #SIEM #EDR

9

1 Comment

The DVMS Institute has partnered with Navvia to deliver next-gen cyber governance, resilience, and training via Navvia’s NIST CSF assessment and process modeling platform. We are thrilled to partner with Navvia to bring a truly operationalized approach to digital value governance and cyber resilience. The combination of DVMS Institute’s cyber resilience overlay system and Navvia’s powerful NIST-CSF assessment and process design and management platform provides organizations with a comprehensive solution for aligning governance, risk, and performance assurance with their digital risk and value management strategy.” David Mainville, CEO of Navvia, shared similar enthusiasm: “Our mission has always been to simplify and accelerate an organizational ability to assess and document its governance, compliance, and service improvement initiatives. With the introduction of our new Cybersecurity Framework assessment tool - combining NIST CSF with ITSM Processes, and our partnership with the DVMS Institute, we offer clients a best-in-class solution to assess, build, measure, and sustain cyber resilience and governance excellence. We are helping organizations turn cybersecurity from a reactive technical problem into a strategic business advantage.” For more information about Navvia’s NIST CSF assessment solution and the DVMS Institute’s digital value management frameworks, visit www.navvia.com and www.dvmsinstitute.com . https://lnkd.in/gKKQMBju

13

2 Comments