Ubuntu Security Notice 7014-2 - USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.

==========================================================================  
Ubuntu Security Notice USN-7014-2  
October 08, 2024

nginx vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

nginx could be made to crash if it received specially crafted network  
traffic.

Software Description:  
- nginx: small, powerful, scalable web/proxy server

Details:

USN-7014-1 fixed a vulnerability in nginx. This update provides the  
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

 It was discovered that the nginx ngx_http_mp4 module incorrectly handled  
 certain malformed mp4 files. In environments where the mp4 directive is in  
 use, a remote attacker could possibly use this issue to cause nginx to  
 crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS  
  nginx                           1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro  
  nginx-common                    1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro  
  nginx-core                      1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro  
  nginx-extras                    1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro  
  nginx-full                      1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro  
  nginx-light                     1.14.0-0ubuntu1.11+esm1  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  nginx                           1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro  
  nginx-common                    1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro  
  nginx-core                      1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro  
  nginx-extras                    1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro  
  nginx-full                      1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro  
  nginx-light                     1.10.3-0ubuntu0.16.04.5+esm6  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7014-2  
  https://ubuntu.com/security/notices/USN-7014-1  
  CVE-2024-7347

Ubuntu Security Notice USN-7014-2

Red Hat Security Advisory 2024-7855-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass and denial of service vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7855.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:7855-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7855  
Issue date:         2024-10-09  
Revision:           03  
CVE Names:          CVE-2024-9392  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: 115.16/128.3 ()

* firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service (CVE-2024-9399)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131 (CVE-2024-9403)

* firefox: thunderbird: Potential directory upload bypass via clickjacking (CVE-2024-9397)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9401)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9402)

* firefox: thunderbird: External protocol handlers could be enumerated via popups (CVE-2024-9398)

* firefox: thunderbird: Potential memory corruption during JIT compilation (CVE-2024-9400)

* firefox: thunderbird: Potential memory corruption may occur when cloning certain objects (CVE-2024-9396)

* firefox: thunderbird: Cross-origin access to PDF contents through multipart responses (CVE-2024-9393)

* firefox: thunderbird: Cross-origin access to JSON contents through multipart responses (CVE-2024-9394)

* firefox: thunderbird: Compromised content process can bypass site isolation (CVE-2024-9392)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-9392

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2314431  
https://bugzilla.redhat.com/show_bug.cgi?id=2315945  
https://bugzilla.redhat.com/show_bug.cgi?id=2315947  
https://bugzilla.redhat.com/show_bug.cgi?id=2315949  
https://bugzilla.redhat.com/show_bug.cgi?id=2315950  
https://bugzilla.redhat.com/show_bug.cgi?id=2315951  
https://bugzilla.redhat.com/show_bug.cgi?id=2315952  
https://bugzilla.redhat.com/show_bug.cgi?id=2315953  
https://bugzilla.redhat.com/show_bug.cgi?id=2315954  
https://bugzilla.redhat.com/show_bug.cgi?id=2315956  
https://bugzilla.redhat.com/show_bug.cgi?id=2315957  
https://bugzilla.redhat.com/show_bug.cgi?id=2315959

Red Hat Security Advisory 2024-7855-03

Red Hat Security Advisory 2024-7853-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and denial of service vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7853.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:7853-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7853  
Issue date:         2024-10-09  
Revision:           03  
CVE Names:          CVE-2024-9392  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* thunderbird: 115.16/128.3 ()

* firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service (CVE-2024-9399)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131 (CVE-2024-9403)

* firefox: thunderbird: Potential directory upload bypass via clickjacking (CVE-2024-9397)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9401)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9402)

* firefox: thunderbird: External protocol handlers could be enumerated via popups (CVE-2024-9398)

* firefox: thunderbird: Potential memory corruption during JIT compilation (CVE-2024-9400)

* firefox: thunderbird: Potential memory corruption may occur when cloning certain objects (CVE-2024-9396)

* firefox: thunderbird: Cross-origin access to PDF contents through multipart responses (CVE-2024-9393)

* firefox: thunderbird: Cross-origin access to JSON contents through multipart responses (CVE-2024-9394)

* firefox: thunderbird: Compromised content process can bypass site isolation (CVE-2024-9392)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-9392

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2314431  
https://bugzilla.redhat.com/show_bug.cgi?id=2315945  
https://bugzilla.redhat.com/show_bug.cgi?id=2315947  
https://bugzilla.redhat.com/show_bug.cgi?id=2315949  
https://bugzilla.redhat.com/show_bug.cgi?id=2315950  
https://bugzilla.redhat.com/show_bug.cgi?id=2315951  
https://bugzilla.redhat.com/show_bug.cgi?id=2315952  
https://bugzilla.redhat.com/show_bug.cgi?id=2315953  
https://bugzilla.redhat.com/show_bug.cgi?id=2315954  
https://bugzilla.redhat.com/show_bug.cgi?id=2315956  
https://bugzilla.redhat.com/show_bug.cgi?id=2315957  
https://bugzilla.redhat.com/show_bug.cgi?id=2315959

Red Hat Security Advisory 2024-7853-03

Red Hat Security Advisory 2024-7851-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7851.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: .NET 6.0 security updateAdvisory ID:        RHSA-2024:7851-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7851Issue date:         2024-10-09Revision:           03CVE Names:          CVE-2024-43483====================================================================Summary: An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35.Security Fix(es):* dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484)* dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483)* dotnet: Denial of Service in System.Text.Json (CVE-2024-43485)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Security Fix(es):* dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList (CVE-2024-43484)* dotnet: Multiple .NET components susceptible to hash flooding (CVE-2024-43483)* dotnet: Denial of Service in System.Text.Json (CVE-2024-43485)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-43483References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2315729https://bugzilla.redhat.com/show_bug.cgi?id=2315730https://bugzilla.redhat.com/show_bug.cgi?id=2315731

Red Hat Security Advisory 2024-7851-03

Red Hat Security Advisory 2024-7848-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7848.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: openssl security updateAdvisory ID:        RHSA-2024:7848-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7848Issue date:         2024-10-09Revision:           03CVE Names:          CVE-2024-5535====================================================================Summary: An update for openssl is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5535References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2294581

Red Hat Security Advisory 2024-7848-03

Red Hat Security Advisory 2024-7847-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7847.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: openssl security updateAdvisory ID:        RHSA-2024:7847-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7847Issue date:         2024-10-09Revision:           03CVE Names:          CVE-2024-5535====================================================================Summary: An update for openssl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5535References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2294581

Red Hat Security Advisory 2024-7847-03

Red Hat Security Advisory 2024-7846-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7846.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: openssl security updateAdvisory ID:        RHSA-2024:7846-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7846Issue date:         2024-10-09Revision:           03CVE Names:          CVE-2024-5535====================================================================Summary: An update for openssl is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5535References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2294581

Red Hat Security Advisory 2024-7846-03

Red Hat Security Advisory 2024-7842-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and denial of service vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7842.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:7842-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:7842  
Issue date:         2024-10-09  
Revision:           03  
CVE Names:          CVE-2024-8900  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

* firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service (CVE-2024-9399)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131 (CVE-2024-9403)

* firefox: thunderbird: Potential directory upload bypass via clickjacking (CVE-2024-9397)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9401)

* firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (CVE-2024-9402)

* firefox: thunderbird: External protocol handlers could be enumerated via popups (CVE-2024-9398)

* firefox: thunderbird: Potential memory corruption during JIT compilation (CVE-2024-9400)

* firefox: thunderbird: Potential memory corruption may occur when cloning certain objects (CVE-2024-9396)

* firefox: thunderbird: Cross-origin access to PDF contents through multipart responses (CVE-2024-9393)

* firefox: thunderbird: Cross-origin access to JSON contents through multipart responses (CVE-2024-9394)

* firefox: thunderbird: Compromised content process can bypass site isolation (CVE-2024-9392)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-8900

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2315945  
https://bugzilla.redhat.com/show_bug.cgi?id=2315947  
https://bugzilla.redhat.com/show_bug.cgi?id=2315949  
https://bugzilla.redhat.com/show_bug.cgi?id=2315950  
https://bugzilla.redhat.com/show_bug.cgi?id=2315951  
https://bugzilla.redhat.com/show_bug.cgi?id=2315952  
https://bugzilla.redhat.com/show_bug.cgi?id=2315953  
https://bugzilla.redhat.com/show_bug.cgi?id=2315954  
https://bugzilla.redhat.com/show_bug.cgi?id=2315956  
https://bugzilla.redhat.com/show_bug.cgi?id=2315957  
https://bugzilla.redhat.com/show_bug.cgi?id=2315959

Red Hat Security Advisory 2024-7842-03

​​​With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths​​.

Source: Josie Elias via Alamy Stock Photo

COMMENTARY

Small and medium-sized businesses (SMBs) increasingly have become prime targets for cybercriminals. While large corporations often dominate headlines when breaches occur, the reality is that SMBs are at even greater risk. Almost 70% of SMBs reported experiencing at least one cyberattack in the past year. The reasons are clear: SMBs often operate with limited budgets, inadequate cybersecurity tools, and a shortage of skilled cybersecurity professionals. These factors make them particularly vulnerable to the sophisticated and evolving threats of today's cyber environment.  

SMBs are the lifeblood of our economy, and their drive and determination are truly inspiring. The businesses I interact with are exceptionally skilled and consistently deliver outstanding services and products to their customers. I must remind myself, however, that SMBs are not inherently technology companies. Because of budget challenges, they are often considered "soft targets" by threat actors.  

These smaller businesses just want their IT to work seamlessly and securely. Yet, when it comes to mitigating threats like cyber breaches, they are at a disadvantage. While many SMBs understand the importance of cybersecurity, they often need help prioritizing, implementing, and maintaining effective defenses due to limited resources — both financial and technical — compared with larger organizations.  

**Understanding the Landscape **

The range of cyber threats facing SMBs is broad and constantly evolving. Common attack vectors include phishing, ransomware, denial of service, social engineering, and session hijacking, to name a few. Each threat can cause significant harm — whether through intellectual property theft, financial extortion, or reputational damage.  

The most successful cyberattacks exploit the gaps in an organization's cyber-risk strategy. For SMBs, these gaps frequently are the result of constrained resources, limited access to skilled talent, and a reactive approach to cybersecurity. In my conversations with customers and business partners, it's clear that while the concern for cyber-risk is universal, SMBs are often the least equipped to address these risks independently.  

**People, Process, and Technology: A Comprehensive Approach **

To effectively address cyber threats, SMBs must adopt a holistic approach that focuses on three essential components: people, process, and technology.  

**1\. People: Bridging the Skills Gap **

One of the most significant challenges SMBs face is the lack of skilled cybersecurity professionals. Even the best technology and processes can fall short without the right talent. SMBs must assess their current workforce's skills and identify gaps. Addressing these gaps is crucial, whether through training existing employees, hiring new talent, or partnering with external cybersecurity firms.  

In many cases, it may be more practical for SMBs to engage with a trusted partner to supplement their in-house capabilities. Many of the customers I speak with utilize cybersecurity-focused consultancies for short- and mid-term implementations, or rely on managed service providers (MSPs). Additionally, leveraging software-as-a-service (SaaS) solutions can be a cost-effective way to access advanced security tools without requiring extensive in-house expertise. These services often have guaranteed service levels, ensuring that experienced professionals manage critical security functions.  

**2\. Process: Defining Cyber Resilience **

While each organization has unique technical requirements, the need for a well-defined cyber-resilience strategy is universal. SMBs must develop processes tailored to their specific needs and adapt to changing business demands. A one-size-fits-all approach will not suffice. Instead, SMBs should consider standard frameworks like ITIL, Agile, and DevOps as baselines for developing their cybersecurity strategies, as these frameworks can help streamline processes and strengthen the overall cybersecurity posture.  

A key takeaway from my conversations with successful SMBs is the importance of designing sustainable business processes. Cyber resilience is an ongoing journey, not a static goal requiring continuous improvement and adaptability. Every organization must regularly evaluate and update processes to keep pace with evolving needs and emerging threats. By embracing a dynamic approach to process development, SMBs can stay ahead of the curve and maintain robust defenses.  

**3\. Technology: Choosing the Right Tools **

Technology is the cornerstone of any cybersecurity strategy. Given the wide range of available tools, SMBs must carefully select the solutions that best meet their specific needs. Whether focusing on network security, data protection, or identity management, the chosen technology must be both practical and scalable.  

SMBs should focus on ensuring their technology stack aligns with their cybersecurity strategy. This means evaluating on-premises and cloud-based solutions while carefully managing access to sensitive data. The objective is to choose technology that not only addresses immediate security concerns but also strengthens long-term resilience.  

**Engaging Leadership and Industry **

A critical aspect of any successful cybersecurity program is the involvement of leadership at every level of the organization. From my discussions with business leaders who have established robust cyber resilience programs, one common theme emerges: Cybersecurity is a serious priority across the organization. It's not merely the IT department's responsibility but a critical business imperative that affects reputation, financial health, and legal compliance.  

To secure this level of commitment, SMBs must involve their leadership teams in developing and overseeing cybersecurity strategies. This entails conducting regular assessments of the program's effectiveness, incorporating feedback from both cybersecurity professionals and business leaders. When leadership is actively involved, it sends a clear message that cybersecurity is a priority, fostering a culture of security throughout the organization.  

Another critical factor is the willingness to seek external expertise. Successful SMBs often look beyond their internal resources, utilizing market analysis, user groups, vendor forums, and industry contacts to inform their cybersecurity strategies. For SMBs with limited staff and experience, these external resources offer valuable insights and support critical to the success of their programs. 

**Conclusion: A Proactive Path Forward **

Cybersecurity is not a one-time effort — it's an ongoing commitment that requires vigilance, adaptability, and strategic investment. For SMBs, the path to cyber resilience may be challenging, but it is achievable with the right approach. By focusing on the critical areas of people, processes, and technology, and engaging leadership at all levels, SMBs can develop robust defenses that safeguard their assets, reputation, and future growth.  

Ultimately, it's not just about preventing attacks. It’s about building a resilient organization that can thrive in an increasingly digital and complex business environment. As threats evolve, SMBs must continuously adapt their strategies and solutions to protect their businesses. Through careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths and secure their place in the digital economy.  

**About the Author**

CEO, One Identity

Mark Logan serves as Chief Executive Officer of One Identity and joined the company in June 2022. He is responsible for driving the overall growth strategy, go-to-market and P&L for One Identity. Mark is a seasoned executive with experience developing enterprise software companies to achieve successful growth. He is a proven leader with nearly two decades of C-suite experience at companies such as Emptoris (now part of IBM), Attunity, and most recently LogRhythm. Having been in the cyber security space for several years, Mark believes One Identity is in the right market at the right time to provide critically important cybersecurity protection for enterprises, public sector organizations and federal agencies.

Building Cyber Resilience in SMBs ​With ​Limited Resources

Red Hat Security Advisory 2024-7822-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7822.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: container-tools:rhel8 security updateAdvisory ID:        RHSA-2024:7822-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7822Issue date:         2024-10-09Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Tag

#vulnerability