Ubuntu Security Notice 7076-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7076-2October 31, 2024linux-azure-fde-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - Microsoft Azure Network Adapter (MANA) driver;  - Watchdog drivers;  - Netfilter;  - Network traffic control;(CVE-2024-45016, CVE-2024-38630, CVE-2024-45001, CVE-2024-27397)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS  linux-image-5.15.0-1074-azure-fde  5.15.0-1074.83~20.04.1.1  linux-image-azure-fde           5.15.0.1074.83~20.04.1.51After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7076-2  https://ubuntu.com/security/notices/USN-7076-1  CVE-2024-27397, CVE-2024-38630, CVE-2024-45001, CVE-2024-45016Package Information:  https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1074.83~20.04.1.1

Ubuntu Security Notice USN-7076-2

Ubuntu Security Notice 7021-5 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7021-5October 31, 2024linux-azure-fde vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - GPU drivers;  - BTRFS file system;  - F2FS file system;  - GFS2 file system;  - BPF subsystem;  - Netfilter;  - RxRPC session sockets;  - Integrity Measurement Architecture(IMA) framework;(CVE-2024-27012, CVE-2024-38570, CVE-2024-42228, CVE-2024-41009,CVE-2024-39494, CVE-2024-42160, CVE-2024-39496, CVE-2024-26677)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-5.15.0-1073-azure-fde  5.15.0-1073.82.1  linux-image-azure-fde-lts-22.04  5.15.0.1073.82.50After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7021-5  https://ubuntu.com/security/notices/USN-7021-4  https://ubuntu.com/security/notices/USN-7021-3  https://ubuntu.com/security/notices/USN-7021-2  https://ubuntu.com/security/notices/USN-7021-1  CVE-2024-26677, CVE-2024-27012, CVE-2024-38570, CVE-2024-39494,  CVE-2024-39496, CVE-2024-41009, CVE-2024-42160, CVE-2024-42228Package Information:  https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1073.82.1

Ubuntu Security Notice USN-7021-5

Ubuntu Security Notice 7086-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-7086-1October 31, 2024firefox vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in Firefox.Software Description:- firefox: Mozilla Open Source web browserDetails:Multiple security issues were discovered in Firefox. If a user weretricked into opening a specially crafted website, an attacker couldpotentially exploit these to cause a denial of service, obtain sensitiveinformation across domains, or execute arbitrary code. (CVE-2024-10458CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462,CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466,CVE-2024-10467, CVE-2024-10468)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS  firefox                         132.0+build1-0ubuntu0.20.04.1After a standard system update you need to restart Firefox to make all thenecessary changes.References:  https://ubuntu.com/security/notices/USN-7086-1  CVE-2024-10458, CVE-2024-10459, CVE-2024-10460, CVE-2024-10461,  CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465,  CVE-2024-10466, CVE-2024-10467, CVE-2024-10468Package Information:  https://launchpad.net/ubuntu/+source/firefox/132.0+build1-0ubuntu0.20.04.1

Ubuntu Security Notice USN-7086-1

Ubuntu Security Notice 7087-1 - It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-7087-1  
October 31, 2024

libarchive vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

libarchive could be made to crash or run programs as your login if it  
opened a specially crafted file.

Software Description:  
- libarchive: Library to read/write archive files

Details:

It was discovered that libarchive incorrectly handled certain RAR archive  
files. If a user or automated system were tricked into processing a  
specially crafted RAR archive, an attacker could use this issue to cause  
libarchive to crash, resulting in a denial of service, or possibly execute  
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  libarchive13t64                 3.7.4-1ubuntu0.1

Ubuntu 24.04 LTS  
  libarchive13t64                 3.7.2-2ubuntu0.3

Ubuntu 22.04 LTS  
  libarchive13                    3.6.0-1ubuntu1.3

Ubuntu 20.04 LTS  
  libarchive13                    3.4.0-2ubuntu1.4

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7087-1  
  CVE-2024-20696

Package Information:  
  https://launchpad.net/ubuntu/+source/libarchive/3.7.4-1ubuntu0.1  
  https://launchpad.net/ubuntu/+source/libarchive/3.7.2-2ubuntu0.3  
  https://launchpad.net/ubuntu/+source/libarchive/3.6.0-1ubuntu1.3  
  https://launchpad.net/ubuntu/+source/libarchive/3.4.0-2ubuntu1.4

Ubuntu Security Notice USN-7087-1

Ubuntu Security Notice 7085-2 - USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-7085-2  
October 30, 2024

xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

X.Org X Server could be made to crash or run programs if it received  
specially crafted data.

Software Description:  
- xorg-server: X.Org X11 server  
- xorg-server-hwe-18.04: X.Org X11 server  
- xorg-server-hwe-16.04: X.Org X11 server

Details:

USN-7085-1 fixed a vulnerability in X.Org. This update provides  
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled  
 certain memory operations in the X Keyboard Extension. An attacker could  
 use this issue to cause the X Server to crash, leading to a denial of  
 service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS  
  xserver-xorg-core               2:1.19.6-1ubuntu4.15+esm9  
                                  Available with Ubuntu Pro  
  xserver-xorg-core-hwe-18.04     2:1.20.8-2ubuntu2.2~18.04.11+esm1  
                                  Available with Ubuntu Pro  
  xwayland                        2:1.19.6-1ubuntu4.15+esm9  
                                  Available with Ubuntu Pro  
  xwayland-hwe-18.04              2:1.20.8-2ubuntu2.2~18.04.11+esm1  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  xserver-xorg-core               2:1.18.4-0ubuntu0.12+esm14  
                                  Available with Ubuntu Pro  
  xserver-xorg-core-hwe-16.04     2:1.19.6-1ubuntu4.1~16.04.6+esm6  
                                  Available with Ubuntu Pro  
  xwayland                        2:1.18.4-0ubuntu0.12+esm14  
                                  Available with Ubuntu Pro  
  xwayland-hwe-16.04              2:1.19.6-1ubuntu4.1~16.04.6+esm6  
                                  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make all  
the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7085-2  
  https://ubuntu.com/security/notices/USN-7085-1  
  CVE-2024-9632

Ubuntu Security Notice USN-7085-2

Ubuntu Security Notice 7084-2 - USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.

==========================================================================  
Ubuntu Security Notice USN-7084-2  
October 30, 2024

python-pip vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10  
- Ubuntu 24.04 LTS  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

urllib3 could leak sensitive information.

Software Description:  
- python-pip: Python package installer

Details:

USN-7084-1 fixed vulnerability in urllib3. This update provides the  
corresponding update for the urllib3 module bundled into pip.

Original advisory details:

 It was discovered that urllib3 didn't strip HTTP Proxy-Authorization  
 header on cross-origin redirects. A remote attacker could possibly use  
 this issue to obtain sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 24.10  
  python3-pip                     24.2+dfsg-1ubuntu0.1  
  python3-pip-whl                 24.2+dfsg-1ubuntu0.1

Ubuntu 24.04 LTS  
  python3-pip                     24.0+dfsg-1ubuntu1.1  
  python3-pip-whl                 24.0+dfsg-1ubuntu1.1

Ubuntu 22.04 LTS  
  python3-pip                     22.0.2+dfsg-1ubuntu0.5  
  python3-pip-whl                 22.0.2+dfsg-1ubuntu0.5

Ubuntu 20.04 LTS  
  python-pip-whl                  20.0.2-5ubuntu1.11  
  python3-pip                     20.0.2-5ubuntu1.11

Ubuntu 18.04 LTS  
  python-pip                      9.0.1-2.3~ubuntu1.18.04.8+esm6  
                                  Available with Ubuntu Pro  
  python-pip-whl                  9.0.1-2.3~ubuntu1.18.04.8+esm6  
                                  Available with Ubuntu Pro  
  python3-pip                     9.0.1-2.3~ubuntu1.18.04.8+esm6  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  python-pip                      8.1.1-2ubuntu0.6+esm10  
                                  Available with Ubuntu Pro  
  python-pip-whl                  8.1.1-2ubuntu0.6+esm10  
                                  Available with Ubuntu Pro  
  python3-pip                     8.1.1-2ubuntu0.6+esm10  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7084-2  
  https://ubuntu.com/security/notices/USN-7084-1  
  CVE-2024-37891

Package Information:  
https://launchpad.net/ubuntu/+source/python-pip/24.2+dfsg-1ubuntu0.1  
https://launchpad.net/ubuntu/+source/python-pip/24.0+dfsg-1ubuntu1.1  
https://launchpad.net/ubuntu/+source/python-pip/22.0.2+dfsg-1ubuntu0.5  
https://launchpad.net/ubuntu/+source/python-pip/20.0.2-5ubuntu1.11

Ubuntu Security Notice USN-7084-2

Red Hat Security Advisory 2024-8680-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and null pointer vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8680.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Low: mod_http2 security updateAdvisory ID:        RHSA-2024:8680-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8680Issue date:         2024-10-31Revision:           03CVE Names:          CVE-2024-36387====================================================================Summary: An update for mod_http2 is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.Security Fix(es):* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-36387References:https://access.redhat.com/security/updates/classification/#lowhttps://bugzilla.redhat.com/show_bug.cgi?id=2295006

Red Hat Security Advisory 2024-8680-03

Red Hat Security Advisory 2024-8679-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8679.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: podman security updateAdvisory ID:        RHSA-2024:8679-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8679Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-9675====================================================================Summary: An update for podman is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.Security Fix(es):* buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9675References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2317458

Red Hat Security Advisory 2024-8679-03

Red Hat Security Advisory 2024-8678-03 - An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a cross site scripting vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8678.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: grafana security updateAdvisory ID:        RHSA-2024:8678-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8678Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-9355====================================================================Summary: An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es):* golang-fips: Golang FIPS zeroed buffer (CVE-2024-9355)* dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9355References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2315719https://bugzilla.redhat.com/show_bug.cgi?id=2318052

Red Hat Security Advisory 2024-8678-03

Knee-jerk reactions to major vendor outages could do more harm than good.

Source: SOPA Images Limited

COMMENTARY

The now-infamous July CrowdStrike outage sparked global chaos and countless conversations about vendor security. Despite the industry noise and myriad headlines about the outage — and its potential cost of more than $5 billion to Fortune 500 companies alone — there is a bigger picture we must consider. And that is how, as an industry, we understand the risks involved and respond to major outages and other cybersecurity crises. 

While the CrowdStrike outage was a freak accident, it's likely not the last time we'll witness this kind of meltdown from a major technology provider. As our digital ecosystems become further interconnected and enterprises increasingly put their trust in singular vendors, business leaders will have to grapple with the inevitability of similar events, whether from a simple outage or a malicious hack. In every case along that spectrum, however, these leaders must avoid knee-jerk reactions that could ultimately do more harm than good. Blindly switching to a new vendor or making drastic changes to IT and security processes could introduce security holes that exacerbate vulnerabilities in an organization's overall security posture, rather than improving it.  

Instead of immediately jumping ship, here are the three things companies should do in the wake of a CrowdStrike-like event to ensure business continuity and high operational standards.  

**1\. Assess Vendors' Overall Reliability and Risk**

Switching vendors after an incident isn't as simple — or as beneficial — as it may seem. Before switching, businesses must evaluate both the existing and potential vendor, and assess each vendor's overall reliability and risk. For instance, Resilience customer data shows that despite the July incident, CrowdStrike Falcon is highly effective. It has the lowest percentage of material claims of endpoint detection and response (EDR) vendors in Resilience's portfolio, with fewer than 3% of clients with Falcon experiencing a cyber-insurance claim with losses. Of course, no company can — or should — claim the ability to avoid 100% of incidents, but in these kinds of deliberations, it's critical to put a vendor's long-term track record into perspective. On the flip side, however, if a vendor shows a consistent history of outages or vulnerabilities (as has VPN provider Ivanti, of late), poor performance or communication, and long delays in remediation, an incident could be the helpful forcing factor in considering the benefits of trying something new.  

It's also important to note the costs of switching vendors that go beyond sticker price, such as implementation time, staff training costs, and adjusting workflows to incorporate the new system and meet business needs. These third-party risk considerations must be considered, with leadership weighing the business interruption costs of an outage with the existing vendor against the total costs that come with making a switch.  

**2\. Avoid Radical Changes to the Update Process**

This particular outage raised the issue of update cadence and testing frequency, with many arguing that the affected organizations should have taken a more cautious, thorough approach to testing the update before rolling it out. But delaying updates is a calculated risk, and not necessarily one that most companies should be taking. Antivirus and EDR signatures are designed to counter quick-breaking, emerging threats toward existing systems, so while you can decide to wait to allow the days or weeks it may take to fully test the update, you may be leaving your systems vulnerable to new exploits in the process. Threat actors only grow faster and more sophisticated in their approaches, so quick security updates are more crucial than ever. The risk of taking additional precautions in testing may not be worth it for every company, especially since most updates happen seamlessly. After all, part of the reason CrowdStrike made headlines was because the outage was so out of the ordinary. 

In a perfect world, where bad actors weren't a consistent threat and update processes took no extra time, following the typical best practice of testing each and every update that comes from each and every vendor might be feasible. But in the real world, changes to the update process are likely to slow down your defenses. Ultimately, there is no one-size-fits-all answer, and the best approach will depend on the specific organization and its risk tolerance.  

**3\. Don't Panic**

It's tempting to liken incidents like CrowdStrike to natural disasters (such as catastrophic hurricanes), but that oversimplification distracts from the heart of the issue. While many insurers use this analogy to describe cyber events, it's neither accurate nor useful, as it becomes an apples-to-oranges comparison that frames cyber incidents or outages as one-sided and world-ending. But the reality is far different. There's no tangible way for individuals to prevent or mitigate the intensity of category hurricanes or tornadoes, but there are certainly simple, actionable steps we can take to mitigate the financial impact of an outage or counteract the negative effects of a potential attack. This includes implementing proper cyber hygiene, transferring financial risk through cyber insurance, and having a detailed cybersecurity action plan in the event of an attack or outage. It's not only feasible but essential that companies take these steps to remain operable and functioning in the midst of an incident.  

In short, decision-makers across the board can't allow themselves to make reactive or fear-based decisions on their security posture directly following a cyber incident. These knee-jerk reactions could lead to greater complications and introduce a host of new vulnerabilities just waiting to be exploited. Instead, leaders must focus on understanding the root cause of the incident, learning from it, and making risk-driven decisions that mitigate the greatest financial loss and improve their organization's overall cyber resilience. This includes taking a proactive approach and incorporating third-party risk management into business continuity planning. That way, you'll be able to avoid catastrophic interruptions to your day-to-day business and maintain continuity and resilience in the face of a cyber incident. 

**About the Author**

CEO & Co-Founder, Resilience

Vishaal Hariprasad, best known as "V8," co-founded what is now known as Resilience in 2016 to bridge the divide between cyber insurance and cybersecurity. As a licensed insurance broker and producer, as well as a veteran of both the US Air Force and the cybersecurity industry, Vishaal brings the leadership skills he honed in his years with the military to his position as CEO for Resilience. After graduating from the United States Air Force Academy, V8 was commissioned to military service as a Cyber Operations Officer for the Air Force. Hariprasad is an Iraq War veteran and a recipient of a Bronze Star Medal. In 2012, he co-founded Morta Security, which was acquired by Palo Alto Networks, where he then served as a threat intelligence architect. In 2015, V8 was tapped to serve as a founding partner at the Pentagon's newly established Defense Innovation Unit Experimental (DIUx) in Mountain View, California, an office under the Secretary of Defense charged with leveraging commercial technology to solve defense challenges. V8 holds a B.A. in Mathematics from the US Air Force Academy and an M.S. in Information Technology from Virginia Polytechnic Institute and State University (Virginia Tech).

Tag

#vulnerability