Here’s an overview of some of last week’s most interesting news and articles:
Researchers link Industroyer to NotPetya
ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts throughout the country: a backdoor dubbed Exaramel.
Four critical KPIs for securing your IT environment
What should you be measuring when it comes to your security program?
Serious lack of infosec professionals a key risk to national security
Enlisting the next generation of skilled cybersecurity workers and training existing employees will help build stronger defenses and restore confidence among digital citizens.
Every month should be Cyber Security Awareness Month
In 2004, October was deemed National Cyber Security Awareness Month (NCSAM). It’s been 14 years since its inception. Has it worked? Are we more aware of the perils in the world of cyber security?
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited via Microsoft Edge has been published and can be easily adapted by attackers.
Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites
The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get into as many online shops as possible.
October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day
With the October 2018 Patch Tuesday release Microsoft has fixed 49 vulnerabilities, 12 of which are rated “critical.”
Keeping your cloud malware-free: What you need to know
What are some of the best tips for keeping an organization secure?
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou Xiongmai Technology.
IIS attacks surge from 2,000 to 1.7 million over last quarter
IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018.
Privileged account practices are poor, and IT security teams know it
Among the survey’s most surprising findings are that nearly one-third of organizations are using manual methods or spreadsheets to manage privileged account credentials, and one in 20 IT security professionals admit they have no way of knowing if a user is fully deprovisioned when they leave the company or change their role.
Apple fixes iOS 12 passcode bypass vulnerabilities
Two security bugs allow a physically present attacker to bypass the device’s lock screen.
Securing campus networks became more challenging
89 percent of IT professionals report an increase in the number of connected devices on campus networks. IT professionals are also challenged with a high volume of turnover in students each year, when one quarter or more of their users change.
MikroTik routers with default credentials can be easily compromised
If you own a MikroTik router and you haven’t updated its RouterOS in the last month, you should do so now: Tenable Research has released details about four vulnerabilities they found in the OS, including an authenticated remote code execution flaw that can be leveraged against routers with default credentials.
Identity spoofing is the most prevalent attack vector for the gaming and gambling industry
A new ThreatMetrix Cybercrime Report revealed that identity spoofing, fuelled by stolen identity data, is the most prevalent attack vector for the gaming and gambling industry. It also pinpointed a marked growth in location (IP) spoofing attacks.
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS.
Cryptomining dethrones ransomware as top threat in 2018
Cybercriminals are shifting to increasingly sophisticated and targeted means of attack while also expanding their money-making endeavors.
945 data breaches led to compromise of 4.5 billion data records in first half of 2018
Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133 percent, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident.
Most hosting providers take too long to remove malware distribution sites
How long does it take web hosting providers to remove malware distribution sites parked on their network? Roman Hussy, the Swiss security activist behind abuse.ch, says that, on average, it takes them 3 days, 2 hours, and 33 minutes.
DevOps and digital transformation initiatives are creating insecure apps
WhiteHat Security released its 2018 Application Security Statistics Report, “The Evolution of the Secure Software Lifecycle,” which identifies the security vulnerabilities and challenges introduced into the enterprise through traditional applications, and through agile development frameworks, microservices, APIs, and cloud architectures.
New infosec products of the week: October 12, 2018
A rundown of infosec products released last week.