Policyholder Dashboard updates, GRE explainer, & more.
“And I would have gotten away with it too, if it weren’t for you meddling kids.”
Famous last words of every bad guy caught on Scooby Doo. Also, maybe the thoughts of a threat actor once they lose their cloak of anonymity?
The latest unmasking is a member of the Lapsus$ extortion gang, arrested by the Brazilian government following last year’s breach of the Brazilian Ministry of Health. A month prior, the UK police arrested a teenager — also tied to the Lapsus$ gang — associated with the Uber breach. Just like the so-called monsters from your favorite cartoon, threat actors are only human — and we can bring humans to justice.
For more on the latest cybersecurity news and Corvus updates, keep reading:
Risk + Response Tips
Security tips and service updates from VP of Risk + Response Lauren Winchester
The more the merrier. Log into your Policyholder Dashboard now to take advantage of our new “My Team” tab and add new users to your account. Whether they’re members of your IT team, outside security vendors, or colleagues in legal or finance, everyone is welcome!
In addition to spreading the benefits of direct access to the Dashboard’s policy information and vCISO Center, adding users is also the best way to ensure key communications like vulnerability alerts hit the right inboxes in your organization, getting in front of the people who need to take action.
📌 Avoid communication overload. This new feature allows you to specify each contact’s role to guarantee they only get the updates they need.
Head to the My Team tab to get started!
💡 What’s New?
Policyholder Dashboard Features
To increase transparency, you’ll now find the source of any recommendation found in your Action Center. For instance, if the Corvus Scan picks up a vulnerability you need to patch, the card will be tagged “Corvus Scan” — likewise if the recommendation is derived from answers to either of our Security Questionnaire modules. You can now view your Action Cards grouped by these sources. Head to the Action Center to see these updates live.
Noteworthy trends in cybersecurity from Chief Information Security Officer Jason Rebholz
Security is often seen as buying tools and stopping bad guys. While that’s a fundamental component, it’s only one layer of risk management. Enter Governance, Risk, and Compliance — or GRC for short. For a growing security program, it can make a massive difference organization-wide. So, what is it?
A GRC framework:
GRC is a structured approach to governance, risk, and compliance. While in the past, these systems have been approached separately, a coordinated model that emphasizes all three helps organizations keep up with rapid developments, whether it be in cyber risk or evolving security regulations. A quick breakdown:
- Governance: Rules, processes, and standards that organizations abide by to meet business goals. How is our business directed?
- Risk management: What security risks threaten business operations, and how do we identify and respond to them?
- Compliance: How do we adhere to regulatory requirements set by legal and industrial bodies?
Why it matters:
A GRC framework plays a vital role in addressing vulnerabilities your organization faces, helps align IT and business goals, and supports data-driven decision making. Regulatory requirements and cybersecurity threats aren’t going away — but we can do our best to stay ahead.
Mark your calendars: Join Corvus’s own Senior Manager of GRC, Sagar Shah, on November 9th at 1 p.m. EST and get to know the ins-and-outs of GRC.
📌 Sign up for our collaborative webinar session with Centraleyes!
The Corvus Scan is a powerful asset that enables us to identify which policyholders are at greater risk for vulnerabilities. You’ve probably already heard from us about the following if your organization is at risk, but we’ve gathered a monthly round-up of alerts and threat intel updates below:
Apache Commons Text Vulnerability
On October 13th, 2022, a vulnerability was disclosed in Apache Commons Text, a Java-based programming utility. This vulnerability allows for remote code execution in certain versions and configurations of Commons Text. A security patch has been released by the Apache Security Team. Read our guidance.
On October 7th, 2022, Fortinet sent an advisory bulletin to clients detailing a critical security flaw (CVE-2022-40684). The vulnerability allows for authentication bypass in certain versions of FortiOS and FortiProxy. Security patches have been released and should be applied as soon as possible. Read our guidance.
ICYMI - the October Threat Intel Updates
- Generational Security Gap, BlackByte Data Theft, & Apache Vulnerability
- Fortinet Vulnerability Exploited, Alchimist Malware, & Phishing Targets Election Workers
- Fortinet Vulnerability, Teenage Blackmailer, and China-State Sponsored Hackers
- New Microsoft Exchange Vulnerability, LockBit Freebie, & Brute Ratel Leaks