• Latest
  • Trending
#HowTo: Protect Against Remote Code Execution Attacks

#HowTo: Protect Against Remote Code Execution Attacks

December 27, 2021
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
Fibre optic interconnection linking Cameroon and Congo now operational

Fibre optic interconnection linking Cameroon and Congo now operational

July 15, 2022
Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

July 15, 2022
Airtel Africa Purchases $42M Worth of Additional Spectrum

Airtel Africa Purchases $42M Worth of Additional Spectrum

July 15, 2022
Huawei steps up drive for Kenyan talent

Huawei steps up drive for Kenyan talent

July 15, 2022
TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

July 15, 2022
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
Top 10 apps built and managed in Ghana

Top 10 apps built and managed in Ghana

July 15, 2022
MTN Group to Host the 2nd Edition of the MoMo API Hackathon

MTN Group to Host the 2nd Edition of the MoMo API Hackathon

July 15, 2022
KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

July 15, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 30 January, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

#HowTo: Protect Against Remote Code Execution Attacks

by ITECHNEWS
December 27, 2021
in Leading Stories, Opinion
0 0
0
#HowTo: Protect Against Remote Code Execution Attacks

From an attacker’s perspective, a remote code execution (RCE) vulnerability in a “workload” – typically a compute instance that runs one or more software – is the gift that keeps on giving. Once the vulnerability is exploited, the attacker can launch any malicious objective of their choosing. For example, RCE vulnerabilities were the root cause of the Hafnium and Kaseya cyber-attacks that crippled over 30,000 organizations in the US in a matter of minutes. Unfortunately, RCE vulnerabilities aren’t fading away anytime soon. Just recently, the US federal government’s Cybersecurity & Infrastructure Security Agency (CISA) warned about a critical RCE vulnerability in the popular open discussion platform, Discourse, and Microsoft announced three critical RCE vulnerabilities in its Patch Tuesday release.

 

YOU MAY ALSO LIKE

Inaugural AfCFTA Conference on Women and Youth in Trade

Instagram fined €405m over children’s data privacy

Understand How Attackers Use RCE to Access Server Workloads

 

Most adversaries are well funded, skilled, motivated and, with an early awareness of an RCE vulnerability and a vulnerable application, can be highly effective. Once a craftily constructed payload is delivered, the application relinquishes execution control to the attacker. The first malicious action the attacker executes is a reverse shell that helps them achieve full keyboard control of the victim workload. The compromised workload now is totally at the mercy of the attacker, who can perform any malicious action of their choosing. These actions include executing ransomware, exfiltrating critical data, scraping user credentials, pivoting to adjacent workloads, performing crypto mining activities and more. There is no end to an attacker’s creativity.

 

Don’t Rely on Conventional Security Tools

 

Conventional security tools do not have enough context to protect workloads from fast-moving attacks that execute in a second or two. As a result, they are completely ineffective against RCE vulnerabilities. To successfully protect against an attack that leverages an RCE vulnerability, an effective security control must launch protection as soon as the vulnerability is exploited and much before the attacker can gain keyboard control. Failure to do so allows the creative attacker to disguise their attacks and fly under the radar. Even though conventional security tools claim to work in the application’s runtime, they can only detect attacks that exhibit patterns that attackers have abused in the past. A true runtime security control activates protection when non-developer provided (or attacker-influenced code) starts executing. Even a skilled attacker will find it extremely hard to bypass a security control that embodies true runtime protection.

 

Stop Execution of Attacker Influenced Code

 

True runtime protection requires fully mapping the software by quickly establishing how developer-provided code will execute one step at a time. When attacker-controlled code starts to execute, the enterprise must stop it instantly. Failure to do so will result in dire consequences that are controlled by the attacker. The ability to pinpoint exactly when attacker-influenced code has started running transcends known and unknown vulnerabilities, historical malicious behaviors and indicators of compromise.

 

Adopt True Protection

 

Security controls that implement true protection enforce how the application should be executing at each step and stopping what it shouldn’t be doing, and do so in real-time – before an attack happens. With true protection, attackers’ dwell time is non-existent, so threat actors never have a chance to install malware or exfiltrate data.

 

Conclusion

 

Conventional security tools cannot protect against RCE vulnerabilities. To better protect their server workloads against these attacks, organizations must understand how their software runs and have the capability to stop any digression in milliseconds regardless of threats, vulnerabilities or patch status.

Source: Satya Gupta co-founder and chief technology officer, Virsec
Via: INFOSECURITY MAGAZINE
Tags: AttacksCode ExecutionRemote
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022

Recent News

  • Inaugural AfCFTA Conference on Women and Youth in Trade September 6, 2022
  • Instagram fined €405m over children’s data privacy September 6, 2022
  • 5.7bn data entries found exposed on Chinese VPN August 18, 2022
  • Fibre optic interconnection linking Cameroon and Congo now operational July 15, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version