Tim Grieveson from ThingsRecon suggests that security teams should first openly communicate issues with an incomplete asset inventory and start an automated discovery process. Blind spots in asset discovery are not caused by specific assets but by the assumption that the documented environment matches reality. Traditional discovery often overlooks assets that do not leave a noticeable footprint within the network. Asset discovery should be an ongoing process that feeds into vulnerability management and threat detection. Vulnerabilities should be prioritized based on the asset’s context, such as its usage, maintenance, ownership, and relation to critical operations.
Russian Cybercriminal Charged in $24 Million Qakbot Ransomware Scheme
Russian national Rustam Rafailevich Gallyamov faces US federal charges for allegedly running a major malware operation, which deployed the notorious Qakbot malware, infecting over 700,000
