Latest news with #Log4Shell
Business Times
28-07-2025
- Business
- Business Times
Never trust, always verify: Why zero trust is essential for Singapore's cybersecurity
Singapore, a bustling digital and data hub, finds itself on the front lines of an escalating cyber battlefield. Recent announcements from Coordinating Minister for National Security K Shanmugam underscore the serious threats from cyberespionage groups like UNC3886 attacking critical information infrastructure. These are not your average opportunistic hackers. We are talking about sophisticated, well-resourced advanced persistent threat (APT) actors that gain unauthorised access to a computer network and target essential services. The intent is clear: espionage, disruption and undermining national security. So, how can nations defend against such formidable and constantly evolving adversaries in today's complex digital landscape? The answer lies in a fundamental shift in our cybersecurity philosophy: zero trust. Beyond the perimeter: why the old ways don't cut it anymore A decade or so ago, securing technology felt simpler. We relied on physical security, strong network perimeters, firewalls and basic identity management. Our applications were often monolithic, tucked safely behind these defences. But those days are long gone. Today, software development is all about distributed, cloud-native, microservices-based applications. We are 'gluing together' countless pieces of existing code, each with its own complex dependencies – forming the software supply chain, which typically encompasses all tools, libraries and processes used to develop and publish software. A NEWSLETTER FOR YOU Friday, 8.30 am Asean Business Business insights centering on South-east Asia's fast-growing economies. Sign Up Sign Up This interconnected nature vastly increases the potential attack surface of our critical systems. Every new component, configuration and connection becomes a potential doorway for attackers. It is no surprise then that we have seen a dramatic hike in common vulnerabilities and exposures (CVEs) – publicly disclosed cybersecurity vulnerabilities found in software or hardware that act as a standardised way to identify and catalogue security flaws. In the first seven months of 2025, almost 27,000 CVEs were reported – an average of 127 CVEs per day. While investments in cybersecurity spending are essential, vulnerability scanners only work against known threats. This leaves us acutely exposed to zero-day attacks like the infamous Log4Shell, which exploit previously unknown weaknesses and leave defenders no time to prepare a response. Even internal bad actors can pose a zero-day threat; true zero trust means verifying even code from 'the inside'. This increasing complexity, coupled with the sheer volume of new vulnerabilities, means configuration errors or omissions in our distributed cloud-native applications can easily introduce exploitable paths. In fact, SUSE's Securing the Cloud Apac 2024 report revealed that IT decision-makers in the Asia-Pacific region experienced an average of 2.6 cloud-related security incidents in the past year, and 64 per cent confirm an incident in the last 12 months. This includes threats ranging from artificial intelligence-powered cyberattacks to edge security breaches, all aiming to disrupt and exploit our cloud environments. This reality underscores the urgent need for a transformative approach. Zero trust, with its 'never trust, always verify' principle, is that transformation. Hidden weapons in our defence arsenal More than a buzzword, zero trust is a strategic approach amplified by modern cybersecurity features. Zero-day exploits: proactive runtime protection As we have seen, UNC3886 and similar APTs frequently leverage zero-day vulnerabilities. While we cannot always predict where the next zero-day attack will strike, zero trust's granular access controls and microsegmentation significantly limit an attacker's lateral movement after a breach. Cloud-native security solutions that protect applications from zero-day attacks at runtime are crucial. These solutions continuously monitor application behaviour, detecting anomalies and blocking malicious code even if it is present. They also halt unauthorised attempts at access and data exfiltration. This means threat actors are stopped dead in their tracks, even against unknown exploits like Log4Shell. Software bill of materials: knowing what exactly is in your software 'ingredients list' In today's interconnected software landscape, understanding what is inside our applications is paramount. A software bill of materials (SBOM) provides a detailed, itemised list of all components, libraries and dependencies used in a piece of software, much like ingredients on a food label. For zero trust, SBOMs are essential. They enable organisations to know precisely what they are deploying, allowing for continuous monitoring of known vulnerabilities within those components. This visibility is critical for identifying potential weak points in the software supply chain that attackers might exploit. By understanding the provenance – the origins and history – and composition of every software element, zero-trust principles can be applied more effectively, verifying the integrity of each component before it is granted access or permission to execute. SBOMs, therefore, become a foundational element for building trust in the software we consume and deploy, aligning perfectly with the never trust, always verify ethos by exposing hidden risks. Open source: transparency, agility and collaborative defence In the face of sophisticated nation-state adversaries, proprietary, black-box security solutions can be a disadvantage. This is where open source shines. Open-source software, by its very nature, is transparent. Its code is openly available for review by a global community of experts. This transparency leads to faster discovery of vulnerabilities, and patching. Open-source solutions are also adaptable to specific national security needs, allowing for rapid deployment of new defences against evolving threats, increasing overall security resilience. At the same time, it is crucial to acknowledge that while open source offers many benefits, it can also be a source of risk if not managed properly. Regular scanning for known vulnerabilities, diligent patching, and the careful selection of well-maintained and trusted open-source projects can help organisations guard against ever-evolving threats. Building a resilient digital Singapore Cyberattacks by groups like UNC3886 are a stark reminder that our digital defences must be as agile and sophisticated as the threats we face. Implementing a zero-trust architecture – bolstered by features like proactive runtime protection, verified SBOMs and the collaborative power of open source – is a pre-emptive advantage. It ensures that even if an adversary gains a foothold, their mission becomes infinitely harder – safeguarding vital infrastructure and preserving trust so that nations like Singapore can protect and advance their missions as secure digital hubs. The writer is SUSE's chief technology officer for Asia-Pacific, Japan and Greater China
Associated Press
14-05-2025
- Business
- Associated Press
INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense
CARY, N.C., May 14, 2025 /PRNewswire/ -- INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essential for transforming security teams from reactive to proactive defenders. With over 26,000 new CVEs documented in the past year, security teams are drowning in vulnerability alerts while facing exploit windows that have compressed to hours in many cases. 'Reading CVE bulletins is not the same as knowing how to stop the attack,' said Dara Warn, CEO at INE Security. 'Our Skill Dive platform gives practitioners hands-on experience with real vulnerabilities in contained environments, cutting incident response times when these same issues hit production. This practical approach delivers far more value than traditional security certifications alone.' Skill Dive is INE Security's risk-free technical environment featuring exclusive labs not found in learning paths and courses. Skill Dive's Vulnerabilities Lab Collection offers a continuously updated library of labs specifically designed to provide hands-on practice with actual CVEs, allowing security practitioners, including those preparing for pentester certifications, to experience both the exploitation and mitigation of current real-world threats in a safe environment. CVEs: From Bulletin to Defense CVEs are the standard identifiers for known vulnerabilities, but many security teams struggle to implement effective mitigations at scale, even those with Sec+ and other entry-level certifications. Common challenges include: Practice Today's Threats. Prevent Tomorrow's Breaches. INE Security's Skill Dive Vulnerabilities Lab Collection delivers: 'When a critical CVE drops, you don't have time to theorize,' said Tracy Wallace, Director of Content at INE Security. 'Teams with hands-on practice respond significantly faster because they've seen similar attack patterns before. Log4Shell (CVE-2021-44228) was a perfect example – practitioners who had experience with JNDI injection attacks were able to implement effective mitigations within hours, while others took days or even weeks to fully remediate.' Real Benefits for Security Teams Skill Dive delivers immediate advantages for practitioners: SecOps teams, security analysts, and IT admins get exactly what certification courses miss: hands-on practice with real-world vulnerabilities. 'Security professionals who regularly drill on current vulnerabilities become exponentially more valuable to their organizations,' said Wallace. 'The best defenders understand both the attack and defense sides of the equation.' High-Impact CVEs in the Skill Dive Collection The platform features hands-on labs for the most actively exploited vulnerabilities in enterprise environments, including: 'We continuously track which vulnerabilities are most actively exploited,' said Wallace. 'Our collection prioritizes CVEs with the highest real-world impact, not just theoretical severity ratings.' Proactive Security Through Deliberate Practice The Skill Dive approach includes: Recent lab additions include other top-exploited vulnerabilities such as Cacti Import Packages RCE (CVE-2024-25641), Gradio Path Traversal (CVE-2024-1561), Calibre Arbitrary File Read (CVE-2024-6781), Graylog Information Exposure (CVE-2024-24824), and Navidrome SQL Injection (CVE-2024-47062). 'Security teams that regularly practice with new vulnerabilities stop more breaches, period,' said Wallace. 'Practice transforms defense from constant firefighting into strategic advantage.' Availability Individual subscriptions to Skill Dive are available now. Enterprise packages for team training are also available. For more information, users can visit About INE Security INE Security is the premier provider of online networking and cybersecurity training and cybersecurity certifications. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security's suite of learning paths offers an incomparable depth of expertise across cybersecurity. The company is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career. Contact Kathryn Brown INE Security [email protected] Logo - View original content to download multimedia: SOURCE INE Security
