• Latest
  • Trending
#HowTo: Protect Against Remote Code Execution Attacks

#HowTo: Protect Against Remote Code Execution Attacks

December 27, 2021
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Friday, 22 September, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

#HowTo: Protect Against Remote Code Execution Attacks

by ITECHNEWS
December 27, 2021
in Leading Stories, Opinion
0 0
0
#HowTo: Protect Against Remote Code Execution Attacks

From an attacker’s perspective, a remote code execution (RCE) vulnerability in a “workload” – typically a compute instance that runs one or more software – is the gift that keeps on giving. Once the vulnerability is exploited, the attacker can launch any malicious objective of their choosing. For example, RCE vulnerabilities were the root cause of the Hafnium and Kaseya cyber-attacks that crippled over 30,000 organizations in the US in a matter of minutes. Unfortunately, RCE vulnerabilities aren’t fading away anytime soon. Just recently, the US federal government’s Cybersecurity & Infrastructure Security Agency (CISA) warned about a critical RCE vulnerability in the popular open discussion platform, Discourse, and Microsoft announced three critical RCE vulnerabilities in its Patch Tuesday release.

 

YOU MAY ALSO LIKE

ATC Ghana supports Girls-In-ICT Program

Vice President Dr. Bawumia inaugurates ICT Hub

Understand How Attackers Use RCE to Access Server Workloads

 

Most adversaries are well funded, skilled, motivated and, with an early awareness of an RCE vulnerability and a vulnerable application, can be highly effective. Once a craftily constructed payload is delivered, the application relinquishes execution control to the attacker. The first malicious action the attacker executes is a reverse shell that helps them achieve full keyboard control of the victim workload. The compromised workload now is totally at the mercy of the attacker, who can perform any malicious action of their choosing. These actions include executing ransomware, exfiltrating critical data, scraping user credentials, pivoting to adjacent workloads, performing crypto mining activities and more. There is no end to an attacker’s creativity.

 

Don’t Rely on Conventional Security Tools

 

Conventional security tools do not have enough context to protect workloads from fast-moving attacks that execute in a second or two. As a result, they are completely ineffective against RCE vulnerabilities. To successfully protect against an attack that leverages an RCE vulnerability, an effective security control must launch protection as soon as the vulnerability is exploited and much before the attacker can gain keyboard control. Failure to do so allows the creative attacker to disguise their attacks and fly under the radar. Even though conventional security tools claim to work in the application’s runtime, they can only detect attacks that exhibit patterns that attackers have abused in the past. A true runtime security control activates protection when non-developer provided (or attacker-influenced code) starts executing. Even a skilled attacker will find it extremely hard to bypass a security control that embodies true runtime protection.

 

Stop Execution of Attacker Influenced Code

 

True runtime protection requires fully mapping the software by quickly establishing how developer-provided code will execute one step at a time. When attacker-controlled code starts to execute, the enterprise must stop it instantly. Failure to do so will result in dire consequences that are controlled by the attacker. The ability to pinpoint exactly when attacker-influenced code has started running transcends known and unknown vulnerabilities, historical malicious behaviors and indicators of compromise.

 

Adopt True Protection

 

Security controls that implement true protection enforce how the application should be executing at each step and stopping what it shouldn’t be doing, and do so in real-time – before an attack happens. With true protection, attackers’ dwell time is non-existent, so threat actors never have a chance to install malware or exfiltrate data.

 

Conclusion

 

Conventional security tools cannot protect against RCE vulnerabilities. To better protect their server workloads against these attacks, organizations must understand how their software runs and have the capability to stop any digression in milliseconds regardless of threats, vulnerabilities or patch status.

Source: Satya Gupta co-founder and chief technology officer, Virsec
Via: INFOSECURITY MAGAZINE
Tags: AttacksCode ExecutionRemote
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023

Recent News

  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Co-Creation Hub’s edtech accelerator puts $15M towards African startups February 20, 2023
  • Data Leak Hits Thousands of NHS Workers February 20, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version