Taylor Lehmann, Chief Information Security Officer at athenahealth, is implementing a new security strategy called “internal offensive” to protect the company’s valuable targets. This involves continuous penetration testing and using tools to assess the effectiveness of security controls. Lehmann believes that traditional security measures are no longer sufficient in the face of evolving cyber threats and that a proactive approach is necessary. athenahealth is using the services of Randori, a cybersecurity company, to help with this strategy.
Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication
A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service.
