• Google Dorking: How a Simple Google Search Can Expose Your Sensitive Data

    We’re all so used to searching for things on Google; it’s almost second nature. Want to know tomorrow’s weather? Google it. Need a recipe for dinner? Google’s got your back. But Google can do a lot more than most of us realize. Instead of typing something like ‘easy homemade recipes,’ which returns tons of pages that aren’t exactly what you need, you can add operators to narrow the results. For example, ‘intitle:”homemade” intitle:”recipe” site:allrecipes.com’ returns only pages on allrecipes.com that have both ‘homemade’ and ‘recipe’ in the title. Combining operators this way is a basic example of the technique called “Google Dorking.” Pretty efficient, right? Maybe even a bit too efficient. While it’s extremely helpful for refining your own searches, Google Dorking is also a tool attackers use to probe your websites for weaknesses, namely sensitive files and pages that were inadvertently left accessible to the public and have since been indexed by the search engine.


    Understanding the Power of Google Dorking

    Google Dorking, as illustrated by the example above, is a method that capitalizes on Google’s search operators to target very specific results. The ‘intitle’ and ‘site’ operators were highlighted earlier; other operators can be combined to produce a variety of outcomes. For example, the search ‘filetype:pdf intext:”payroll” site:yourcompany.com’ (where yourcompany.com stands in for a company website) returns every PDF on that site that Google has indexed and that contains the word “payroll,” possibly handing an attacker sensitive employee payroll information. The important point is that Google can only index what your web server hands to an anonymous visitor: if private documents are kept behind authentication rather than merely left unlinked, there is nothing for a dork to find, which is why the preventative measures below matter.


    The Dangerous Simplicity of Dorking

    The danger of Dorking doesn’t necessarily lie in its power, but rather in its simplicity and ease of use. Hamid Firoozi’s case is a good example. Firoozi used Google Dorking to identify an unguarded computer on the Bowman Avenue Dam’s network. After discovering it, he gained remote access; he was unable to cause damage only because the sluice gate had been taken offline for maintenance. Nonetheless, the simplicity of his approach was alarming: a few well-crafted search terms revealed a pathway to a potentially disastrous breach. The case is a potent reminder that Google Dorking lets even people with limited technical skill uncover weak points in seemingly secure systems, and that the defence is to keep systems patched and, most importantly, to keep internal hosts, above all control systems, off the public internet and out of search engine indexes.


    Safeguarding Against Google Dorking Exploits

    To defend against potential threats posed by Google Dorking, the following steps can be taken:

    • Regular Security Audits: Conduct periodic audits of your website’s exposure, including running the same dork queries an attacker would (for example ‘site:yourcompany.com filetype:pdf’ or ‘site:yourcompany.com intitle:”index of”’) against your own domains and reviewing every hit.
    • Use Robots.txt Correctly: A robots.txt file only asks well-behaved crawlers not to index a path; it does not stop anyone from fetching that path, and because the file itself is public it advertises every location you list in it. Keep sensitive material behind authentication, and for pages that must stay reachable but should not appear in search results use a noindex directive (a meta tag or the X-Robots-Tag header) rather than a Disallow rule, since a page blocked in robots.txt is never fetched and its noindex is never seen.
    • Stay Vigilant: Consistently monitor your website’s exposure to Dorking techniques and act quickly when sensitive information turns up. Removing a file from the server is not enough once it has been indexed; also request its removal from the search engine, otherwise the cached copy and snippet remain searchable until the next crawl.
    • Educate Yourself and Others: Teaching your team about the risks of Google Dorking and the measures that counter it helps prevent unintended data exposure.
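    The audit step and the robots.txt point above, as an added example that is not part of this article: an offline Python check that classifies a site inventory the way an attacker’s dork queries would, and flags paths that robots.txt disallows but the server still serves. The inventory, the robots.txt, the domain and every URL in it are constructed for the example.

```python
"""Offline exposure audit in the spirit of a Google dork.

Added illustration, not part of the original article. The inventory below is
constructed: each tuple is (url, http_status, content_type, body_snippet) as a
crawl of your own site would record it, and ROBOTS_TXT is a made-up robots file.
The rules mirror common dork operators (filetype:, intext:, intitle:"index of")
so the same exposures surface before a stranger's search does.
"""
import re
from urllib.parse import urlparse

INVENTORY = [  # constructed sample data, not from any real site
    ("https://www.example.com/about.html", 200, "text/html", "About our company"),
    ("https://www.example.com/hr/payroll_2023.pdf", 200, "application/pdf", "Employee payroll summary, Q1"),
    ("https://www.example.com/backup/site.sql.bak", 200, "application/octet-stream", ""),
    ("https://www.example.com/uploads/", 200, "text/html", "<title>Index of /uploads</title>"),
    ("https://www.example.com/admin/", 401, "text/html", "Unauthorized"),
    ("https://www.example.com/.env", 200, "text/plain", "DB_PASSWORD=hunter2"),
]

ROBOTS_TXT = """User-agent: *
Disallow: /hr/
Disallow: /backup/
Disallow: /admin/
"""

# What an attacker would ask Google for with filetype:, intext: and intitle:
SENSITIVE_EXT = {".pdf", ".xls", ".xlsx", ".doc", ".docx", ".sql", ".bak",
                 ".env", ".log", ".conf", ".ini"}
SENSITIVE_WORDS = re.compile(r"payroll|password|confidential|salary", re.I)
DIR_LISTING = re.compile(r"<title>\s*index of\s*/", re.I)


def parse_robots(text):
    """Return the Disallow prefixes of the 'User-agent: *' group (the only
    group modelled here)."""
    disallowed, in_star = [], False
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "user-agent":
            in_star = value == "*"
        elif key == "disallow" and in_star and value:
            disallowed.append(value)
    return disallowed


def audit(inventory, robots_txt):
    """Classify each anonymously reachable (HTTP 200) resource.
    Returns [(url, [reasons])] for everything a dork could surface."""
    disallowed = parse_robots(robots_txt)
    findings = []
    for url, status, _ctype, snippet in inventory:
        if status != 200:
            continue  # needs auth or is gone: nothing for a crawler to index
        path = urlparse(url).path
        ext_match = re.search(r"(\.[A-Za-z0-9]+)$", path)
        ext = ext_match.group(1).lower() if ext_match else ""
        reasons = []
        if ext in SENSITIVE_EXT:
            reasons.append(f"sensitive file type (filetype:{ext[1:]})")
        if SENSITIVE_WORDS.search(snippet):
            reasons.append("sensitive keyword in content (intext:)")
        if DIR_LISTING.search(snippet):
            reasons.append('directory listing (intitle:"index of")')
        if any(path.startswith(prefix) for prefix in disallowed):
            # robots.txt is a request to crawlers, not access control: the
            # server still hands the file to anyone who asks for it by URL.
            reasons.append("disallowed in robots.txt but served without authentication")
        if reasons:
            findings.append((url, reasons))
    return findings


def confirmation_dorks(domain):
    """Queries to run by hand against the live index for the same categories."""
    return [f"site:{domain} filetype:{ext[1:]}" for ext in sorted(SENSITIVE_EXT)] + [
        f'site:{domain} intitle:"index of"',
        f'site:{domain} intext:"payroll" OR intext:"confidential"',
    ]


if __name__ == "__main__":
    for url, reasons in audit(INVENTORY, ROBOTS_TXT):
        print(url)
        for reason in reasons:
            print("   -", reason)
    print("\nConfirm against the live index with:")
    for query in confirmation_dorks("www.example.com"):
        print("  ", query)
```

    Run it over a crawl of your own site: every finding is something a ‘site:’ query could surface, and the robots.txt finding in particular shows why a Disallow line is not access control. The /admin/ entry is skipped because it answers 401, which is what “kept inaccessible by the public” should look like.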

    Conclusion

    While search engines constantly optimize and innovate to bring the most relevant results to our screens, the operators they expose are powerful, and Google Dorking turns that power against careless site owners. By understanding the technique, staying informed, and implementing the measures above, we can strike a balance between using advanced search and safeguarding our own sites against it.


    How Can Netizen Help?

    Netizen ensures that security gets built-in and not bolted-on. We provide advanced solutions to protect critical IT infrastructure, such as our popular “CISO-as-a-Service,” through which companies can leverage the expertise of executive-level cybersecurity professionals without bearing the cost of employing them full time.

    We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

    Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

    Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

    Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact


  • Netizen: August Vulnerability Review

    Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from July that should be immediately patched or addressed if present in your environment. Detailed writeups below:

    CVE-2023-3600:

    A use-after-free condition could lead to a potentially exploitable crash. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and affects Mozilla Firefox and Firefox ESR in versions prior to 115.0.2 as well as Mozilla Thunderbird in versions prior to 115.0.1. In a use-after-free, the program keeps using a block of memory after it has been freed; if the allocator has since handed that block to something else, the stale reference corrupts memory, which causes a crash and can potentially be turned into code execution. The attack complexity is low, but exploitation requires user interaction. No public technical details or exploits are available.

    CVE-2023-37268:

    In Warpgate, when logged in as a user with SSO enabled, an attacker can authenticate as another user. This vulnerability has a NIST CVSSv3 base score of 8.8/10. Warpgate is an SSH, HTTPS, and MySQL bastion host (a server that manages access to an internal or private network from an external network) for Linux that doesn’t need special client apps. This is an improper authentication vulnerability: the software does not sufficiently verify the identity it is presented with, so an SSO login can be used to take over a different account. Accounts that do not have MFA enabled are the ones that can be compromised. The suggested remediation is to upgrade to a fixed release. The project’s advisory, including a proof of concept, is published on GitHub: https://github.com/warp-tech/warpgate/security/advisories/GHSA-868r-97g5-r9g4

    CVE-2023-33012:

    A command injection vulnerability in the configuration parser of Zyxel firewalls could allow an unauthenticated, LAN-based attacker to execute some OS commands. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and affects the GRE configuration handler of the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 5.10 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN series firmware versions 5.00 through 5.36 Patch 2. Because the injected commands run on the firewall itself, successful exploitation leads to full system compromise, with high impact on confidentiality, integrity, and availability. Note that the attacker must be on the LAN side, so this matters wherever untrusted devices share an internal segment with the firewall.

    CVE-2023-24019:

    A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. This vulnerability has a NIST CVSSv3 base score of 8.1/10. A manipulated network request handled by this component can overflow a stack buffer (the amount of data written exceeds the storage capacity of the buffer, overwriting what follows it on the stack), which can lead to unauthorized access to the device. The attack complexity is rated high, but no privileges and no user interaction are required. The technical details and proof of concept were published by Cisco Talos, who found the bug; the VulDB entry referencing them is at: https://vuldb.com/?advisory_url.233143

    CVE-2023-23546:

    A misconfiguration vulnerability in the urvpn_client functionality of Milesight UR32L v32.3.0.5 can lead to increased privileges. This vulnerability has a NIST CVSSv3 base score of 8.1/10. The flaw lies in how urvpn_client handles the certificate authority (the trusted entity that issues TLS certificates) used to validate its VPN peer, so the client can be made to trust a peer it should not. An attacker in a man-in-the-middle position (sitting between the device and the service it connects to, able to listen in or impersonate that service) can trigger the vulnerability, and doing so leads to privilege escalation on the device. The attack complexity is rated high because that network position must be obtained first.

    Conclusion:

    In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.


  • Voice Synthesis: The Growing Threat of Vishing with AI Technology

    A few months ago, a song called “Heart on My Sleeve” went viral on social media: a collaboration between artists Drake and The Weeknd. It was quickly met with excitement from hip-hop fans, not only because of the song’s impressive vocal performances or the catchy lyrics from both artists, but because it was entirely AI-generated.

    A Dangerous Trend:

    Impersonating an artist or famous person’s voice is as easy as going online, finding one of the several AI models trained in replicating voices, and telling it what you want it to say. These models work with large training sets of vocal data in order to replicate speech, down to the different inflections and emphasis one puts on syllables. Modern vocal synthesis is pretty convincing too; “Heart on My Sleeve” got most of its hype from social media users being tricked into thinking they were actually listening to a leaked song, not an AI-generated one. AI voice cloning has become extremely trendy, fun, and easy to do, but not many realize the unseen implications this powerful software now has on the security of our identities.

    Why Voice Synthesis Poses a Risk

    Phishing, and more specifically vishing (phishing over voice calls), has always been an issue, but now that impersonation technology runs rampant, vishers seem to have made a major breakthrough. Using cheap, easily accessible AI software and an audio clip of just a few sentences, an attacker can synthesize a person’s speech and make them say anything. Vishers are beginning to use this technology to run more convincing scams at scale: they call vulnerable targets just like a typical vishing attempt, except this time in the voice of a loved one. That recognizable voice, combined with a manufactured sense of urgency, exploits familiarity to trick victims into divulging sensitive information or handing over large sums of money.

    Preventing Attacks That Use Voice Synthesis

    To protect yourself and those around you from impersonation technology and AI-driven vishing, there are several preventative measures you can take. First, remain skeptical of unprompted phone calls, especially those requesting sensitive information or money, even if the caller sounds like someone you trust. Verify the caller’s identity out of band: hang up and call your contact back on a number you already have, never a number the caller gives you. For a business call, dial the company’s published line and ask to be connected to your contact. Families and teams can also agree on a code word in advance that an urgent caller must be able to give; a cloned voice has the sound but not the shared secret.

    Conclusion:

    As technology, specifically artificial intelligence, continues to advance, scammers will continue to develop creative ways to attempt to defraud and impersonate their victims. By taking steps to protect both yourself and those around you, we can all stay secure against the new wave of digital attackers. Staying vigilant and informed about new styles of cyber-attacks is the best way to stay both updated and safe in this rapidly-advancing age.


  • Netizen: July Vulnerability Review

    Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled four vulnerabilities from June that should be immediately patched or addressed if present in your environment. Detailed writeups below:

    CVE-2023-3422:

    A use-after-free in Guest View could allow heap corruption via a crafted HTML page. This vulnerability has a NIST CVSSv3 base score of 8.8/10. In Google Chrome’s Guest View there is a UAF (use-after-free) vulnerability: an attacker who has first convinced a user to install a malicious extension can then use a crafted HTML page to trigger it and potentially exploit heap corruption. A use-after-free is a misuse of dynamically allocated memory; if a program keeps a pointer to a block after that block has been freed and later uses it, an attacker who controls what now occupies the block can hijack the program. This affects Google Chrome versions prior to 114.0.5735.198. The technical details of this vulnerability are listed as unknown and no public exploit is known.

    CVE-2022-29144:

    Chromium-based Microsoft Edge Privilege Escalation Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.3/10 and the attack complexity is rated high, which means conditions beyond the attacker’s control must hold for a successful exploit. The technical details are not publicly available, and exploitation requires user interaction. A successful exploit has a high impact on confidentiality, integrity, and availability.

    CVE-2023-25055:

    Cross-Site Request Forgery (CSRF) vulnerability in the Google XML Sitemap for Videos plugin for WordPress, versions 2.6.1 and earlier. This vulnerability has a NIST CVSSv3 base score of 8.8/10. The affected code is the video_sitemap_generate function. The plugin does not verify that a request was intentionally submitted by the logged-in user, so an attacker who gets an administrator to load a page they control can make that administrator’s browser perform actions in the plugin on the attacker’s behalf.

    CVE-2023-34121:

    Improper input validation in Zoom may allow information disclosure. This vulnerability has a NIST CVSSv3 base score of 8.8/10, requires no user interaction, and has a high impact on confidentiality, integrity, and availability. Improper validation of input in the Zoom for Windows, Zoom Rooms, and Zoom VDI Windows Meeting clients before 5.14.0 can lead to information disclosure, allowing an attacker to see sensitive information they are not authorized to see. The closest MITRE ATT&CK mapping is T1592 (Gather Victim Host Information).

    Conclusion:

    In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.


  • Netizen: June Vulnerability Review

    Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from May that should be immediately patched or addressed if present in your environment. Detailed writeups below:

    CVE-2022-3405:

    Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and affects Acronis Cyber Protect 15 (Windows, Linux) before build 29486 and Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. The default configuration of the Acronis Cyber Protect appliance allows anonymous registration of a new backup/protection agent for a new endpoint. An attacker with network access can use this anonymous registration to obtain an authentication token, then use the token to make changes in the appliance through the web console, escalating privileges to the point of RCE and sensitive information disclosure. A proof of concept (PoC) exists for this vulnerability, and its impact on confidentiality, integrity, and availability is rated high.

    CVE-2023-22693:

    Cross-Site Request Forgery (CSRF) vulnerability in the conlabzgmbh WP Google Tag Manager plugin for WordPress, versions <= 1.1. This vulnerability has a NIST CVSSv3 base score of 8.8/10. The plugin does not sufficiently verify that a request was intentionally submitted by the logged-in user, so a request forged from a page the attacker controls is accepted as that user’s. Successful exploitation requires user interaction. It is not known to be exploited in the wild.

    CVE-2023-32069:

    Any user can execute anything with the rights of the author of the XWiki.ClassSheet document. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and affects XWiki Platform starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1; it has been patched in those two releases, and no workarounds are known. The platform does not correctly perform an authorization check, so an attacker who accesses the resource bypasses the access restrictions and runs code with the sheet author’s privileges. The impact on confidentiality, integrity, and availability is high.

    CVE-2023-2723:

    Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. This vulnerability has a NIST CVSSv3 base score of 8.8/10. A use-after-free is the incorrect use of dynamically allocated memory during the operation of a program: once a block has been freed, referencing it again can crash the program or, if the attacker controls what now occupies the block, execute code. Successful exploitation requires user interaction, and the impact on confidentiality, integrity, and availability is high.

    CVE-2023-24903:

    Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.1/10. The flaw is a race condition: two code paths can run concurrently on a shared resource, and the outcome depends on their timing, so an attacker who wins the race can modify that resource at the wrong moment and achieve RCE. The need to win the race is why the attack complexity is rated high. User interaction is not required for exploitation. A vendor patch is available.

    Conclusion:

    In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.


  • Netizen: May Vulnerability Review

    Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from April that should be immediately patched or addressed if present in your environment. Detailed writeups below:

    CVE-2023-23801:

    HasThemes provides more than 170,000 customers with custom web development and design services. Their ‘Really Simple Google Tag Manager’ plugin helps track and update marketing tags and has over 2,000 active installations on WordPress sites. This vulnerability has a NIST CVSSv3 base score of 8.8/10. Versions <= 1.0.6 are subject to a Cross-Site Request Forgery (CSRF) vulnerability. The recommended remediation is updating to version 1.0.7, which had been released four weeks before this review.

    CVE-2023-24877:

    Microsoft PostScript and PCL6 Printer Drivers are home to a Remote Code Execution (RCE) vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.8/10. An authenticated attacker with basic privileges could send a modified XPS file, a document format similar to PDF, to a shared printer. Processing of the modified XPS file may result in execution of the attacker’s code on the print server. Microsoft notes that exploit code has not been spotted in the wild. An official fix for CVE-2023-24877 is available from Microsoft.

    CVE-2023-22913 / CVE-2023-27991:

    Zyxel Networks, a technology provider, specializes in network solutions for small to medium-sized businesses. Their USG Flex series firewalls, firmware versions 4.50 through 5.35, and ATP series firewalls, firmware versions 4.32 through 5.35, were found last month to contain post-authentication command injection vulnerabilities. These vulnerabilities have NIST CVSSv3 base scores of 8.1/10 and 8.8/10 respectively. While the USG Flex vulnerability produces something closer to denial-of-service conditions, the ATP series issue allows OS command injection. Firmware version 5.36 has been released for both series and remediates these vulnerabilities.

    CVE-2023-1812:

    Google Chrome before version 112.0.5615.49 is susceptible to maliciously crafted HTML pages. This vulnerability has a NIST CVSSv3 base score of 8.8/10. Google noted that a crafted HTML page could let a remote attacker perform out-of-bounds memory access. Google delivered an update remediating this vulnerability along with fifteen others.
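    The affected-version ranges quoted in this review and in the August, July and June reviews above are the kind of thing to check against an inventory rather than by eye, especially where vendors use pre-release tags (XWiki’s 15.0-rc-1) or patch suffixes (Zyxel’s 5.36 Patch 2) that a plain string comparison gets wrong. The following Python is an added example, not Netizen’s assessment tool or any vendor’s code; the hosts are constructed, and the Zyxel upper bound ‘5.36 Patch 3’ is an assumption made only because that review gives an inclusive range and names no fixed version.

```python
"""Affected-version check for the CVE ranges quoted in these reviews.

Added illustration, not Netizen's own tooling. INVENTORY is constructed. The
version strings come from the reviews (Firefox/Thunderbird, Chrome, Zoom, XWiki
and Zyxel ATP); the one assumption is the Zyxel upper bound, see ADVISORIES.
"""
import re

_PRERELEASE_RANK = {"milestone": 0, "rc": 1}   # both sort below a final release
_FINAL = 2


def parse_version(text):
    """Parse '14.10.4', '115.0.2', '3.3-milestone-2', '15.0-rc-1' or
    '5.36 Patch 2' into a tuple that compares the way release order does:
    numeric parts first, then pre-release < final, then 'Patch N'."""
    s = text.strip().lower()
    m = re.fullmatch(
        r"(\d+(?:\.\d+)*)(?:[- ](milestone|rc)[- ]?(\d+))?(?:\s+patch\s+(\d+))?", s)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (5 - len(nums))        # pad so 5.36 == 5.36.0.0.0
    if m.group(2):                        # pre-release tag present
        return nums + (_PRERELEASE_RANK[m.group(2)], int(m.group(3)))
    return nums + (_FINAL, int(m.group(4) or 0))


# (CVE, product, first affected version or None, versions that carry the fix).
ADVISORIES = [
    ("CVE-2023-3600", "Firefox", None, ["115.0.2"]),
    ("CVE-2023-3600", "Thunderbird", None, ["115.0.1"]),
    ("CVE-2023-3422", "Chrome", None, ["114.0.5735.198"]),
    ("CVE-2023-2723", "Chrome", None, ["113.0.5672.126"]),
    ("CVE-2023-34121", "Zoom", None, ["5.14.0"]),
    ("CVE-2023-32069", "XWiki", "3.3-milestone-2", ["14.10.4", "15.0-rc-1"]),
    # The review gives the affected range as 5.10 through 5.36 Patch 2 and no
    # fixed version; "5.36 Patch 3" is ASSUMED here purely as the exclusive bound.
    ("CVE-2023-33012", "Zyxel ATP", "5.10", ["5.36 Patch 3"]),
]


def is_affected(version, first_affected, fixed_versions):
    """True when version lies at or above first_affected and below the earliest
    fix on its own or a later major branch (so 14.10.3 is affected by a fix in
    14.10.4, 15.0-rc-1 is not, and 16.x is newer than every listed fix)."""
    v = parse_version(version)
    if first_affected is not None and v < parse_version(first_affected):
        return False
    candidates = [parse_version(f) for f in fixed_versions
                  if parse_version(f)[0] >= v[0]]
    return bool(candidates) and v < min(candidates)


def scan(inventory, advisories=ADVISORIES):
    """Return [(host, product, version, cve)] for every inventory entry that
    falls inside an advisory's affected range."""
    hits = []
    for host, product, version in inventory:
        for cve, adv_product, first, fixed in advisories:
            if adv_product == product and is_affected(version, first, fixed):
                hits.append((host, product, version, cve))
    return hits


INVENTORY = [  # constructed hosts, not real ones
    ("ws-01", "Firefox", "115.0.1"),
    ("ws-02", "Firefox", "115.0.2"),
    ("ws-03", "Chrome", "114.0.5735.133"),
    ("rooms-1", "Zoom", "5.14.0"),
    ("wiki", "XWiki", "14.10.3"),
    ("wiki-new", "XWiki", "15.0-rc-1"),
    ("fw-edge", "Zyxel ATP", "5.36 Patch 2"),
    ("fw-lab", "Zyxel ATP", "4.32"),
]

if __name__ == "__main__":
    for host, product, version, cve in scan(INVENTORY):
        print(f"{host}: {product} {version} is affected by {cve}")
```

    The branch-aware rule in is_affected is what makes the XWiki entry come out right: 14.10.3 is compared against 14.10.4, the fix on its own branch, while 15.0-rc-1 is compared against itself and is therefore clean. Swap INVENTORY for the output of your asset system and extend ADVISORIES as each month’s review lands.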

    Conclusion:

    In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.


  • Netizen: Breaking Into Cybersecurity

    The cyber workforce is all around us, from the business that provides you the internet connection allowing you to view this article to the security professionals that safeguard our private information. It can be intimidating to start with such a vast array of opportunities present. Pair a career challenge with an overall bearish job market, and a true sense of despair may arise.

    However, your dream cyber job is out there, and it’s worth pursuing. There will be an initial challenge and a learning curve, but nothing worthwhile comes easy. Often the hardest part of overcoming anything is learning the unknown. What credentials do you need? What field is right for you?

    Decide Which Field Is Best For You:

    The beauty of the cyber field is that everybody fits in somewhere. Each presents its unique challenges and rewards. Are you a logic-driven individual that enjoys watching projects come together? Software engineering may be for you. Do you take pride in problem-solving and maintaining an environment? You may consider becoming a network administrator. Taking the time to figure out where you uniquely fit in will only lead to higher success and fulfillment. Now is a great time to remember that your career is never a short sprint but a steady jog. Rushing short-term gains can have negative consequences on long-term goals.

    With your desired field in mind, it is crucial to work out the optimal process to get there. Field-to-field requirements for education, work experience, and capabilities can vary greatly. Becoming the CIO (Chief Information Officer) of a Fortune 500 company can prove impossible without adequate experience and formal education. These requirements, or those that apply to your chosen field, should be seen as obstacles that will only push you further, not discourage you.

    Consider Displayed Learning:

    Relevant certifications are a great way to prove your capabilities to employers and, equally important, to yourself. While certifications vary by field, there is overlap between them. Those who intend to work hands-on with IT systems, such as network engineers or security professionals, should consider the CompTIA Network+ or Security+ certifications. These certifications require you to demonstrate, at the very least, a basic understanding of the relevant concepts.

    As for those who work more with software than hardware, certifications are not so readily available. Software positions will typically require formal education and varying amounts of work experience. For these positions it is still important to display your learning and effort. Side projects are invaluable to upcoming software engineers, no matter the size of the project. Putting your side projects on sites like GitHub lets employers see your skill level and passion for the craft.

    Engage In The Community:

Social platforms such as LinkedIn are a highly underrated resource for upcoming cyber professionals. With the ability to engage with hiring managers, industry leaders, and peers, there is no reason not to stay active in the community. A single conversation is unlikely to turn into a job offer on the spot, but building relationships and getting your name on the radar is invaluable. LinkedIn is also a fantastic place to display your achievements, whether certifications or projects.

    Prepare For The Interviewing Phase:

Interviewing is hands-down the tallest hurdle in pursuing a career in cyber. It should not discourage you, since there is an abundance of hidden value in meeting with a range of companies. Rarely does your first interview turn into a long-term career. Regardless of the answer or offer, remember that every interview is another opportunity to build a relationship. Keep an open mind to constructive criticism and ask how you could do better next time.

    Conclusion:

A common misconception about the cyber workforce is that an offer from an employer marks the end of your journey. It does not. Technology has evolved and will continue to evolve, regardless of your current position. Stay informed, and consider subscribing to popular blogs or news sources in your field. Take online courses to learn new concepts and to deepen your understanding of topics you already know. Being a lifelong learner and committing to staying current will ensure you always have a place in the field, now and in the future.

    How Can Netizen Help?

    Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time. 

    We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

    Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

    Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

    Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact

  • Netizen: April Vulnerability Review

Newly disclosed vulnerabilities are a constant in managing any business’s security. Prompt patching and remediation of new vulnerabilities is critical to reducing the externally exposed attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from March that should be patched or otherwise addressed immediately if present in your environment. Detailed writeups below:

    CVE-2022-48433:

CVE-2022-48433 affects the popular software development IDE JetBrains IntelliJ IDEA. This vulnerability has a NIST CVSSv3 base score of 7.5/10. IntelliJ ships with a number of plugins that help developers build software; among them is a built-in HTTP server used for web development, and that server’s API could leak the user’s NTLM hash. A captured NTLM authentication can be cracked offline or relayed to other services, so treat the affected account’s password as exposed and rotate it. Remediation is available via a standard update to the latest version.

    CVE-2023-26925:

CVE-2023-26925 allows attackers to gather sensitive information from D-Link DIR-882 routers via the syslog module. This vulnerability has a NIST CVSSv3 base score of 7.5/10. The disclosure is triggered by a crafted HTTP request to the DIR-882’s ‘/messages’ route, and it does not require a privileged user. Remediation is not readily available from D-Link, so users are urged to audit for DIR-882 devices, perform a risk analysis, and at minimum ensure the router’s web management interface is not reachable from the WAN.

    CVE-2023-28731:

CVE-2023-28731 is an unauthenticated Remote Code Execution (RCE) vulnerability present in version 8.3.0 and below of the AcyMailing plugin for Joomla. This vulnerability has a NIST CVSSv3 base score of 9.8/10. The plugin allows unrestricted file upload in the campaign creation function, so an attacker can upload a file containing PHP code and then request it to have the server execute it. To remediate CVE-2023-28731, users should update to a secure version of the AcyMailing plugin.
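The upload-then-execute pattern above is worth seeing next to the gate that stops it. The following is an added illustration in Python, not the AcyMailing plugin’s own (PHP) code: the vulnerable handler keeps the client’s filename and drops the file into a directory the web server serves, while the hardened handler allowlists extensions, checks that the content matches the declared type, gives the file a server-chosen name, and writes it outside the web root. The allowlist, the magic-byte table, and both directory paths are assumptions made for the example.

```python
import os
import secrets

# Added illustration, not the AcyMailing plugin's own (PHP) code: a minimal
# upload gate of the kind that blocks the upload-then-execute pattern.
# The allowlist, magic-byte table and directory paths are assumptions.

# Extension -> leading bytes a genuine file of that type must start with.
ALLOWED_TYPES = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}
WEB_ROOT = "/var/www/html/media"   # served by the web server (assumed path)
UPLOAD_DIR = "/var/app/uploads"    # NOT under the web root (assumed path)


def vulnerable_accept(filename: str, data: bytes) -> str:
    """Unrestricted upload: keeps the client's name and extension and stores the
    file where the web server will serve it. A 'shell.php' lands in the web root
    and is executed on the next request for it."""
    return os.path.join(WEB_ROOT, os.path.basename(filename))


def hardened_accept(filename: str, data: bytes) -> str:
    """Returns the path the upload will be stored at, or raises ValueError."""
    ext = os.path.splitext(os.path.basename(filename))[1].lower().lstrip(".")
    if ext not in ALLOWED_TYPES:
        # Allowlist, never a denylist: 'phtml', 'phar', 'php5' and so on are all rejected.
        raise ValueError(f"extension not allowed: {ext!r}")
    if not data.startswith(ALLOWED_TYPES[ext]):
        # 'shell.png' containing PHP source fails here: name and content must agree.
        raise ValueError("content does not match declared type")
    # Server-chosen name: the attacker controls neither name nor extension (so a
    # 'shell.php.png' is stored as <random>.png), and the file is written outside
    # the web root so it can never be requested directly.
    return os.path.join(UPLOAD_DIR, f"{secrets.token_hex(16)}.{ext}")


def is_safe_upload(filename: str, data: bytes) -> bool:
    """True if the hardened gate accepts the upload."""
    try:
        hardened_accept(filename, data)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    php_shell = b"<?php system($_GET['c']); ?>"   # constructed attacker payload
    print(vulnerable_accept("shell.php", php_shell))             # /var/www/html/media/shell.php
    print(is_safe_upload("shell.php", php_shell))                # False
    print(is_safe_upload("shell.png", php_shell))                # False
    print(is_safe_upload("photo.png", b"\x89PNG\r\n\x1a\n\x00"))  # True
```

Note that the magic-byte check alone is not enough: a valid image with PHP appended is still a valid image. The controls that actually close the RCE path are the server-chosen filename and the storage location outside the web root, because together they guarantee that nothing an attacker uploads is ever handed to the PHP interpreter.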

    CVE-2022-45355:

CVE-2022-45355 affects the WordPress plugin ‘WP Pipes’ in versions up to and including 1.33. This vulnerability has a NIST CVSSv3 base score of 7.2/10. WP Pipes is vulnerable to an authenticated, administrator-level SQL injection. The need for admin credentials lowers the score but not the impact: an attacker holding or having phished such an account can view, modify, or delete data throughout the WordPress instance’s database. To remediate CVE-2022-45355, users should update to a secure version of WP Pipes.
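The sink behind a plugin SQL injection is always the same: a request parameter spliced into the SQL text. The following is an added illustration in Python against an in-memory SQLite table, not WP Pipes’ own (PHP/WordPress) code; the table layout and sample rows are constructed for the example. It shows the injected input rewriting the WHERE clause, and the parameterized version that binds the value instead.

```python
import sqlite3

# Added illustration, not the WP Pipes plugin's own (PHP/WordPress) code: the
# same injection sink and the same fix, shown with Python and an in-memory
# SQLite table. Table layout and sample rows are constructed for the example.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pipes (id INTEGER PRIMARY KEY, name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO pipes (name, owner) VALUES (?, ?)",
        [("rss-import", "editor"), ("partner-feed", "admin")],
    )
    conn.commit()
    return conn


def pipe_by_id_vulnerable(conn: sqlite3.Connection, pipe_id: str) -> list:
    """The injection sink: the request parameter is spliced into the SQL text,
    so whatever it contains is parsed as SQL. Being reachable only by an admin
    narrows who can exploit it; it does not make the query safe."""
    sql = f"SELECT id, name, owner FROM pipes WHERE id = {pipe_id}"
    return conn.execute(sql).fetchall()


def pipe_by_id_hardened(conn: sqlite3.Connection, pipe_id: str) -> list:
    """Validate the shape of the input, then bind it as a parameter: the driver
    hands the value to the engine separately from the statement text, so it can
    never change the query's structure."""
    if not pipe_id.isdigit():
        raise ValueError(f"pipe id must be an integer: {pipe_id!r}")
    sql = "SELECT id, name, owner FROM pipes WHERE id = ?"
    return conn.execute(sql, (int(pipe_id),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "1 OR 1=1"   # constructed attacker input
    print(pipe_by_id_vulnerable(db, "1"))        # one row
    print(pipe_by_id_vulnerable(db, payload))    # every row: the WHERE clause was rewritten
    print(pipe_by_id_hardened(db, "1"))          # one row
    try:
        pipe_by_id_hardened(db, payload)
    except ValueError as e:
        print("rejected:", e)
```

The same payload in a `DELETE FROM pipes WHERE id = ...` built the same way would wipe the table, which is the view/modify/delete impact the writeup describes. The parameterized form works identically for reads and writes, so there is no reason to leave any statement string-built.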

    CVE-2023-28892:

CVE-2023-28892 gives attackers a route to privilege escalation on Windows systems. This vulnerability has a NIST CVSSv3 base score of 7.8/10. The flaw lies in the Malwarebytes AdwCleaner 8.4.0 function that deletes debug logs: the path to those logs is user-controllable, so a non-admin user can plant a symbolic link and have the privileged deletion land on a file of their choosing. Remediation as of now is to remove the vulnerable software.
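The class of bug here, a privileged process deleting files under a path the user controls, is easy to reproduce and easy to fix once you see it. The following is an added illustration in Python, not AdwCleaner’s code. It is written for POSIX, where a symlink plays the role that a junction or symbolic link plays on Windows, and every path in it is constructed inside a temporary directory. The vulnerable routine trusts the directory it is given; the hardened routine refuses links, requires the resolved directory to sit under a root only the privileged side can write, and then addresses each entry relative to an open directory descriptor so nothing can be swapped between the check and the unlink.

```python
import os
import stat
import tempfile

# Added illustration, not AdwCleaner's code: the failure mode behind a
# "delete user-controllable logs as a privileged process" routine, and a
# hardened version. POSIX only (the original issue is on Windows, where a
# junction or symbolic link plays the same role). All paths are constructed.


def vulnerable_clear_logs(log_dir: str) -> list:
    """Deletes every file in log_dir. log_dir comes from the user, so if it is a
    symlink the deletions land on whatever it points at, with this process's
    privileges rather than the user's."""
    removed = []
    for name in os.listdir(log_dir):
        path = os.path.join(log_dir, name)
        if os.path.isfile(path):           # follows symlinks
            os.remove(path)
            removed.append(path)
    return removed


def hardened_clear_logs(log_dir: str, trusted_root: str) -> list:
    """Only ever deletes regular files that really live under trusted_root."""
    if os.path.islink(log_dir):
        raise PermissionError("log directory is a symlink")
    real = os.path.realpath(log_dir)
    root = os.path.realpath(trusted_root)
    if os.path.commonpath([real, root]) != root:
        raise PermissionError("log directory is outside the trusted root")
    removed = []
    # Hold the directory open and address entries relative to it (dir_fd) so the
    # directory cannot be swapped for a link between the check and the unlink.
    dfd = os.open(real, os.O_RDONLY | getattr(os, "O_DIRECTORY", 0))
    try:
        for name in os.listdir(dfd):
            st = os.lstat(name, dir_fd=dfd)       # lstat: never follows a link
            if stat.S_ISREG(st.st_mode):
                os.unlink(name, dir_fd=dfd)
                removed.append(os.path.join(real, name))
    finally:
        os.close(dfd)
    return removed


def _write(path: str) -> None:
    with open(path, "wb") as f:
        f.write(b"constructed content")


def demo() -> tuple:
    """Returns (victim deleted by the vulnerable routine,
                hardened routine refused the attacker's directory,
                hardened routine still cleans a legitimate log directory)."""
    with tempfile.TemporaryDirectory() as tmp:
        protected = os.path.join(tmp, "protected")   # root-only writable in real life
        os.makedirs(protected)
        victim = os.path.join(protected, "important.dat")
        _write(victim)

        attacker = os.path.join(tmp, "attacker")     # attacker-writable location
        os.makedirs(attacker)
        log_dir = os.path.join(attacker, "logs")
        os.symlink(protected, log_dir)               # the "log directory" is a link

        vulnerable_clear_logs(log_dir)
        deleted = not os.path.exists(victim)

        _write(victim)                               # restore for the second run
        app_root = os.path.join(tmp, "app")
        try:
            hardened_clear_logs(log_dir, trusted_root=app_root)
            refused = False
        except PermissionError:
            refused = os.path.exists(victim)

        legit = os.path.join(app_root, "logs")       # a genuine log directory
        os.makedirs(legit)
        _write(os.path.join(legit, "debug.log"))
        cleaned = len(hardened_clear_logs(legit, trusted_root=app_root)) == 1
        return deleted, refused, cleaned
```

Running `demo()` returns `(True, True, True)`: the vulnerable routine deletes the protected file through the link, the hardened one refuses the same directory, and it still does its job on a directory that genuinely belongs to the application. The broader lesson for any privileged cleanup or log-rotation code is that a path supplied by a less privileged user is attacker input, not a location.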

    Conclusion:

Software vulnerabilities are a constant nuisance to IT and security teams everywhere. Organizations that prioritize remediating and patching them drastically reduce their attack surface and close the known, documented doors into their environment; those are the doors attackers try first.


  • NETIZEN CEO NAMED FOR A THIRD YEAR TO THE “POWER 100” LIST OF THE MOST INFLUENTIAL PEOPLE IN THE LEHIGH VALLEY

    Allentown, PA: Netizen Corporation’s Founder and CEO, Michael Hawkins, has been named for the third year in a row to the “Power 100” list of the Lehigh Valley region’s most influential people by Lehigh Valley Business. According to the publication, the Power 100 list is “a showcase of power players who are leading the Greater Lehigh Valley community into the future. They are business owners, CEOs, lawyers, public servants and elected officials…who make decisions that impact lives, inspire success and spark innovation.” The Lehigh Valley is one of the fastest growing areas in Pennsylvania and the entire northeastern United States. With a population nearing one million people, the area has been routinely cited as a national success story for its robust economic growth and development.

    The recipients of this prestigious award were hand selected by a special Lehigh Valley Business editorial panel and select readers of the publication who took into consideration those individuals who make our laws, build our homes and highways, protect our health and safety, educate our children, support the vulnerable, and provide the spark that inspires innovation and economic growth. An individual profile for each recipient will be published in the March 27th edition of Lehigh Valley Business both online at their website and in print.

“Once again, I am truly humbled to be counted for the third year in a row amongst the region’s ‘power players’ and influencers that are making a difference across the Lehigh Valley and beyond. This year’s list comprises yet again such an amazing cohort of peers and professionals that I am honored to be counted amongst,” said Michael Hawkins. Lehigh Valley Business also publishes a custom profile for each recipient, and his most recent one can be found at https://lvb.com/michael-hawkins/.

    About Netizen Corporation:

    America’s fastest-growing cybersecurity firm, 2nd fastest-growing Veteran-owned company, and 47th fastest-growing private company overall according to the 2019 Inc. 5000 list of the nation’s most successful businesses, Netizen provides specialized cybersecurity solutions for government, defense, and commercial markets. They also develop innovative products such as the award-winning Overwatch Governance Suite.

The company, a certified Service Disabled Veteran Owned Business (SDVOSB), is based in Allentown, PA with additional locations in Virginia, South Carolina, and Florida. In addition to having been one of the fastest-growing businesses in the US, Netizen has been named to Inc. Magazine’s national “Best Workplaces” list and has received the US Department of Labor HIRE Vets Platinum Medallion award for veteran hiring, retention, and community involvement three years in a row. Learn more at Netizen.net.

    POINT OF CONTACT:

    Tristan Boheim

    Account Executive

    Email: press@netizen.net 

  • Netizen: What is ISO 27001 and How Can It Benefit Your Organization?

    ISO 27001 is an international standard for information security management. It provides a comprehensive framework for managing and protecting sensitive information, such as financial data, personal information, and intellectual property, against unauthorized access, use, disclosure, disruption, modification, or destruction.

    The standard outlines the processes, policies, and controls that organizations need to implement to ensure their information’s confidentiality, integrity, and availability. It covers all types of information, regardless of whether it is stored electronically, on paper, or in any other form.

    Organizations implementing ISO 27001 must undergo an independent certification process to verify their compliance with the standard. This helps assure customers, stakeholders, and regulators that the organization’s information security is managed in a systematic, risk-based, and effective manner.

    What industries commonly use ISO certifications?

    Any organization that handles sensitive information, regardless of its size or industry, may benefit from implementing ISO 27001 and becoming certified. The standard is relevant for organizations that handle personal data, financial information, intellectual property, and any other type of confidential information.

In particular, organizations that must comply with regulations or standards that specify information security requirements, such as the EU General Data Protection Regulation (GDPR), often adopt ISO 27001 as a recognized way to demonstrate that their security is managed systematically. GDPR does not mandate ISO 27001, however; certification is evidence of a managed program, not a substitute for meeting the regulation’s own requirements.

Examples of organizations that typically pursue ISO 27001 include:

    1. Healthcare organizations, such as hospitals and clinics
    2. Government agencies, such as tax authorities and social security agencies
    3. Technology companies, such as software developers and data centers
    4. Retail companies, such as online retailers and brick-and-mortar stores
    5. Financial institutions, such as banks and insurance companies

    In summary, any organization that values the protection of its sensitive information, and wants to demonstrate its commitment to information security, may benefit from implementing ISO 27001 and becoming certified.

    What are the benefits of adopting ISO 27001 policies?

    1. Improved Information Security: ISO 27001 provides a comprehensive framework for managing and protecting sensitive information, which helps organizations to reduce the risk of data breaches, cyber-attacks, and other security incidents.
    2. Increased Confidence: ISO 27001 certification demonstrates to customers, stakeholders, and regulators that the organization is committed to information security and that it has implemented best practices for managing and protecting sensitive information.
    3. Better Risk Management: ISO 27001 requires organizations to perform regular risk assessments, which helps them to identify and prioritize the risks to their information assets and to implement controls to manage those risks.
    4. Improved Business Continuity: ISO 27001 helps organizations to implement processes and controls that ensure the availability and continuity of their information and systems, which helps to reduce the impact of security incidents and other disruptions.
    5. Competitive Advantage: ISO 27001 certification can provide a competitive advantage for organizations, especially in industries that value information security, such as finance, healthcare, and government.

    What are the disadvantages of adopting ISO 27001 policies?

    1. Implementation Costs: Implementing ISO 27001 can be expensive, as it requires the investment of time, resources, and money to develop and implement an information security management system (ISMS).
    2. Ongoing Maintenance Costs: Maintaining ISO 27001 certification requires ongoing monitoring and review of the ISMS, as well as regular recertification audits, which can be time-consuming and costly.
    3. Resistance to Change: Some employees may resist the changes that are required to implement ISO 27001, especially if they involve new processes, procedures, or technologies.
    4. Complexity: ISO 27001 is a complex standard that requires a deep understanding of information security and risk management concepts, which can be challenging for organizations that are new to these areas.
5. Limited Flexibility: ISO 27001’s mandatory clauses, and the documentation, change control, and audit discipline they require, can slow an organization’s ability to adopt new technologies or respond to changing business needs.

    Preparing for ISO 27001 compliance involves several steps, which can be broadly grouped into the following categories:

    • Planning: In this stage, the organization defines its information security objectives, identifies its scope of certification, and appoints a team to manage the implementation process. The organization also identifies its legal and regulatory requirements and maps out the assets, people, processes, and technology it must protect.
    • Implementation: In this stage, the organization develops and implements its information security management system (ISMS). This includes documenting its policies, procedures, and work instructions and selecting and implementing controls to address the risks to its information assets.
• Assessment: In this stage, the organization performs an internal audit to evaluate its ISMS’s effectiveness and identify areas for improvement. It also revisits the risk assessment that drove its control selection, confirming that the risks to its information assets are still correctly identified and prioritized and that the chosen controls actually manage them.
    • Certification: In this stage, the organization undergoes an independent certification process, in which a certifying body assesses the organization’s ISMS to verify its compliance with ISO 27001. If the certification is successful, the organization is awarded an ISO 27001 certification.
    • Maintenance: In this stage, the organization maintains its ISMS by continuously monitoring and reviewing its effectiveness and making improvements as necessary. The organization also undergoes periodic recertification audits to maintain its ISO 27001 certification.

    Conclusion:

Preparing for ISO 27001 compliance is a continuous process that requires the commitment of senior management and the involvement of employees at all levels of the organization. Any organization that handles sensitive information, regardless of its size or industry, may benefit from implementing ISO 27001 and becoming certified. The standard remains one of the most relevant for organizations that handle personal data, financial information, intellectual property, and any other type of confidential information.
