Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
MS Exchange zero-days: The calm before the storm?
CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
October 2022 Patch Tuesday forecast: Looking for treats, not more tricks
We’ve entered the final quarter of 2022 with a favorite holiday for many – Halloween, at the end of the month. Unfortunately, Microsoft has continued to play a few tricks on us. Several Microsoft Exchange Server vulnerabilities have been reported and exploited, and the Windows 11 rollout and updates have been a little ‘rocky’.
7 cybersecurity audiobooks you should listen to this year
Audiobooks have gained enormous popularity among book lovers for a variety of factors, including their convenience, which enables listeners to learn while running errands or traveling. Here’s a list of cybersecurity audiobooks that are worthy of your time.
How to start and grow a cybersecurity consultancy
A cybersecurity industry veteran, Praveen Singh is the co-founder and Chief Information Security Advisor at CyberPWN Technologies, a digital defense consulting firm. In this interview with Help Net Security, he offers insight for anyone interested in building their own cybersecurity consultancy.
Many IT pros don’t think a ransomware attack can impact Microsoft 365 data
Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to Hornetsecurity.
CISA orders federal agencies to regularly perform IT asset discovery, vulnerability enumeration
A new directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) is ordering US federal civilian agencies to perform regular asset discovery and vulnerability enumeration, to better account for and protect the devices that reside on their networks.
To avoid insider threats, try empathy
In this interview with Help Net Security, Nathan Hunstad, Deputy CISO at Code42, explains the importance of addressing insider threats, how to make sure your employees are aware of the problem and how to make them proactive.
Researchers outline the Lazarus APT offensive toolset
ESET researchers uncovered and analyzed a set of malicious tools that were used by the Lazarus APT group in attacks during the end of 2021. The campaign started with spear phishing emails containing malicious Amazon-themed documents, and it targeted an employee of an aerospace company in the Netherlands and a political journalist in Belgium. The primary goal of the attackers was data exfiltration.
Former Uber CSO convicted for concealing data breach, theft from the authorities
Joe Sullivan, the former Chief Security Officer (CSO) of Uber, has been convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of the hack Uber suffered in 2016.
Fine-tuning Germany’s cybersecurity strategy
In this interview with Help Net Security, Eileen Walther, Northwave’s Country Manager for Germany and specialized in information security, talks about Germany’s cybersecurity future, working on information security strategy, and more.
Incident responders increasingly seek out mental health assistance
Incident responders are primarily driven by a strong sense of duty to protect others. This responsibility that’s increasingly challenged by the surge of disruptive attacks, from the proliferation of ransomware attacks to the recent rise of wiper malware, according to IBM Security.
Detecting fileless malware infections is becoming easier
Lurking fileless threats alone should warrant the implementation of memory analysis into regular workflows. While the concerns of security teams with past approaches to memory analysis are valid, innovative solutions have significantly improved the user experience and accelerated the collection and analysis process.
Average company with data in the cloud faces $28 million in data-breach risk
Hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations — such as admin accounts without multi-factor authentication (MFA) — have left a dangerous amount of cloud data exposed to insider threats and cyberattacks, according to Varonis.
3 ways enterprises can mitigate social engineering risks
In this Help Net Security video, Alon Levin, VP of Product Management at Seraphic Security, explains what social engineering is, and how prevalent it is. He offers insight into the three ways enterprises can mitigate the risks of social engineering.
Is mandatory password expiration helping or hurting your password security?
For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and Microsoft have abandoned this longstanding best practice and are now recommending against mandatory password expiration.
Shadow APIs hit with 5 billion malicious requests
Cequence Security released its first half 2022 report titled, “API Protection Report: Shadow APIs and API Abuse Explode.” Chief among the findings was approximately 5 billion (31%) malicious transactions targeted unknown, unmanaged and unprotected APIs, commonly referred to as shadow APIs, making this the top threat challenging the industry.
Tackling the weaknesses of smart buildings’ technology
In this Help Net Security video, Alex Chan, Director of Enterprise Security, Buildings Segments at Schneider Electric, discusses the major potential weaknesses of smart buildings’ technology and what we can do enhance the protection of these building systems.
When transparency is also obscurity: The conundrum that is open-source security
Open-source software (OSS) has a lot of advocates. After all, why would we continuously try and write code that solves problems that others have already solved? Why not share the knowledge and gradually and incrementally improve existing open-source solutions? These egalitarian ideals are arguably central to civilization itself – never mind software – but also contain underlying tensions that have been a challenge for generations.
Why organizations take data sovereignty seriously
In this Help Net Security video, Paul Speciale, CMO at Scality, discusses how cloud technologies will benefit from this trend, with IT teams employing several data storage strategies to achieve sovereignty.
API authentication failures demonstrate the need for zero trust
The use of application programming interfaces (APIs) has exploded as businesses deploy mobile apps, containers, serverless computing, microservices, and expand their cloud presence. Consequently, many APIs are developed and deployed very quickly, leading to the persistence of coding errors, with poor authentication practices numbering among the top offenses.
The impact of DevSecOps practices on software development
In this Help Net Security video, Daniel Riedel, SVP Strategic Services at Copado, talks about what DevSecOps is, and how it impacts software development.
Unearth offboarding risks before your employees say goodbye
Saying goodbye is never easy. That’s especially true when it comes to employee offboarding – but not due to sentimentality. In our increasingly digital workplace, offboarding interns, contractors or full-time employees too often ends up with them still having access to some applications and sensitive information after they leave companies.
HTTP request smuggling vulnerability in Node.js (CVE-2022-35256)
In this Help Net Security video, Austin Jones, Principal Software Engineer at ThreatX, explains what HTTP request smuggling is, and discusses a recently uncovered HTTP request smuggling vulnerability in Node.js (CVE-2022-35256).
Dissect: Open-source framework for collecting, analyzing forensic data
A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT environment to be investigated after an attack.
CIS Controls v8: Safeguards to mitigate the most prevalent cyber-attacks
In this Help Net Security video, Joshua Franklin, Senior Cybersecurity Engineer at Center for Internet Security (CIS), discusses CIS Controls v8, enhanced to keep up with modern systems and software.
APIs are quickly becoming the most popular attack vector
In this Help Net Security video, Shay Levi, CTO at Noname Security, discusses the findings from a recent API security report, which reveals a growing number of API security incidents, a concerning lack of API visibility, and a level of misplaced confidence in existing controls.
What $1B in cybersecurity funding can mean for US state, local governments
How do you best spend a cybersecurity budget you have long been hoping you’d get? That’s the question state, local, and territorial (SLT) governments are starting to ask themselves in the wake of a major September announcement from the Department of Homeland Security.
CIS Hardened Images on AWS Marketplace
Does your organization spend countless resources hardening operating systems in the cloud? That’s why CIS pre-hardens virtual machine (VM) images to CIS Benchmark standards. See how these CIS Hardened Images work by trying one in your cloud environment.
Infosec products of the month: September 2022
Here’s a look at the most interesting products from the past month, featuring releases from: 42Crunch, Avetta, Cloudflare, Code42, Commvault, D3 Security, Illumio, Kingston Digital, Malwarebytes, Netography, novoShield, Onfido, Socure, TransUnion, and Truecaller.
New infosec products of the week: October 7, 2022
Here’s a look at the most interesting products from the past week, featuring releases from HashiCorp, Legit Security, LiveAction, LogRhythm, Pentest People, and Verica.
from Help Net Security https://ift.tt/5cnC3oP
0 comments:
Post a Comment