Week in review: Formjacking, flawed password managers, phishers’ new trick

Here’s an overview of some of last week’s most interesting news and articles:

IT security incidents affecting German critical infrastructure are on the rise
In 2017, the German Federal Office for Security in Information Technology (BSI) received 145 such reports from critical infrastructure providers. In the second half of 2018 alone that number reached 157.

CISO’s guide to an effective post-incident board report
To discover the dos and don’ts of how to handle the aftermath of a cyberattack, CISOs can look to the recent Marriott (do) and British Airways (don’t) post-breach responses. What these two companies did or didn’t do can inspire how CISOs approach the post-incident board report – including what information to relay, how to present it and, most important, what lessons were learned.

500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE archives.

74% of organizations face outages due to expired certificates
As information security budgets grow and funds are allocated to protecting the perimeter, many companies have overlooked the critical importance of digital certificate management: a certificate that silently expires takes the service behind it down. A new study shows the resulting outages could cost them up to $67.2 million over the next two years.
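The check a practitioner wants against this failure mode is an inventory scan that reports how many days each certificate has left. The following is an added example, not code from the article or the study it summarises: it walks the DER encoding of an X.509 certificate down to the Validity field with the standard library only (so it can run on a host without the `cryptography` package) and triages an inventory into expired, expiring and ok. The three certificates it scans are synthetic DER skeletons constructed inline (empty names, dummy key and signature) purely to exercise the parser; the hostnames and the 30-day warning threshold are assumptions. Real input comes from a PEM file or from `ssl.get_server_certificate`, fed through `pem_to_der`.

```python
"""Certificate expiry triage (added example): walk a DER X.509 certificate to its
Validity field and report days to expiry, without third-party libraries."""
import base64
from datetime import datetime, timedelta, timezone

# --- minimal DER encoder, used only to construct the synthetic sample certificates ---
def der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body

def der_time(dt):
    # RFC 5280: UTCTime for years 1950-2049, GeneralizedTime for everything else
    if 1950 <= dt.year < 2050:
        return tlv(0x17, dt.strftime("%y%m%d%H%M%SZ").encode())
    return tlv(0x18, dt.strftime("%Y%m%d%H%M%SZ").encode())

# AlgorithmIdentifier for sha256WithRSAEncryption (OID 1.2.840.113549.1.1.11)
SHA256_RSA = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + tlv(0x05, b""))

def synthetic_cert(not_before, not_after):
    """Structurally valid Certificate SEQUENCE with empty names and a dummy key and
    signature. Constructed for this example; it is not a real, signed certificate."""
    tbs = tlv(0x30,
              tlv(0xA0, tlv(0x02, b"\x02")) +                        # [0] version v3
              tlv(0x02, b"\x01") +                                    # serialNumber
              SHA256_RSA +                                            # signature algorithm
              tlv(0x30, b"") +                                        # issuer (empty RDNSequence)
              tlv(0x30, der_time(not_before) + der_time(not_after)) + # validity
              tlv(0x30, b"") +                                        # subject
              tlv(0x30, SHA256_RSA + tlv(0x03, b"\x00")))             # subjectPublicKeyInfo (dummy)
    return tlv(0x30, tbs + SHA256_RSA + tlv(0x03, b"\x00\x00"))       # + signature (dummy)

# --- the parser: enough DER to reach Validity ---
def read_tlv(buf, pos=0):
    """Return (tag, value, position after the element) for the DER TLV at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:                                  # long form: first & 0x7F length bytes follow
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:end], end

def parse_time(tag, value):
    text = value.decode("ascii")
    if tag == 0x17:                        # UTCTime YYMMDDHHMMSSZ
        fmt = "%y%m%d%H%M%SZ"              # strptime maps 00-68 to 20xx; RFC 5280 splits at 50, moot for real certs
    elif tag == 0x18:                      # GeneralizedTime YYYYMMDDHHMMSSZ
        fmt = "%Y%m%d%H%M%SZ"
    else:
        raise ValueError(f"unexpected time tag {tag:#x}")
    return datetime.strptime(text, fmt).replace(tzinfo=timezone.utc)

def validity(der):
    """Return (notBefore, notAfter) as timezone-aware datetimes from a DER certificate."""
    _, cert, _ = read_tlv(der)             # Certificate ::= SEQUENCE
    _, tbs, _ = read_tlv(cert)             # tbsCertificate ::= SEQUENCE
    pos = 0
    tag, _, nxt = read_tlv(tbs, pos)
    if tag == 0xA0:                        # optional [0] EXPLICIT version
        pos = nxt
    for _ in range(3):                     # skip serialNumber, signature, issuer
        _, _, pos = read_tlv(tbs, pos)
    _, val, _ = read_tlv(tbs, pos)         # validity ::= SEQUENCE { notBefore, notAfter }
    tag_nb, nb, pos = read_tlv(val)
    tag_na, na, _ = read_tlv(val, pos)
    return parse_time(tag_nb, nb), parse_time(tag_na, na)

def pem_to_der(pem):
    """Strip the PEM armour and base64-decode the body."""
    lines = [ln.strip() for ln in pem.strip().splitlines() if not ln.startswith("-----")]
    return base64.b64decode("".join(lines))

def triage(certs, now, warn_days=30):
    """Map each name to 'expired', 'expiring' (within warn_days) or 'ok'."""
    report = {}
    for name, der in certs.items():
        remaining = validity(der)[1] - now
        if remaining <= timedelta(0):
            report[name] = "expired"
        elif remaining <= timedelta(days=warn_days):
            report[name] = "expiring"
        else:
            report[name] = "ok"
    return report

def sample_inventory():
    """Constructed inventory of three synthetic certificates (hostnames are made up)."""
    nb = datetime(2018, 3, 1, tzinfo=timezone.utc)
    return {
        "api.example.invalid": synthetic_cert(nb, datetime(2019, 2, 15, tzinfo=timezone.utc)),
        "vpn.example.invalid": synthetic_cert(nb, datetime(2019, 3, 20, tzinfo=timezone.utc)),
        "ca.example.invalid": synthetic_cert(nb, datetime(2055, 1, 1, tzinfo=timezone.utc)),  # GeneralizedTime branch
    }

def sample_report():
    """Triage the sample inventory as of a fixed date so the result is reproducible."""
    return triage(sample_inventory(), datetime(2019, 3, 1, tzinfo=timezone.utc))

if __name__ == "__main__":
    for name, status in sample_report().items():
        print(f"{name}: {status}")
```

Run as a cron job against the organisation's certificate inventory, the `expiring` bucket is the one that prevents the outage; `expired` means the outage has already started. The parser deliberately stops at Validity: it does not verify the signature or the chain, which is the job of the TLS stack, not of an expiry monitor.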

Criminal groups promising salaries averaging $360,000 per year to accomplices
New research from Digital Shadows reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors with extortion scams.

Should you trust that Chrome extension? Use CRXcavator to decide
CRXcavator automatically scans the entire Chrome Web Store every 3 hours and produces a quantified risk score for each Chrome Extension based on several factors.

Building security into cloud native apps with NGINX
NGINX is one of the “engines” that powers cloud infrastructure. It is used as the core of solutions as diverse as web servers, load balancers and API gateways.

Flawed password managers allow malware to steal passwords from computer memory
Researchers have tested the 1Password, Dashlane, KeePass and LastPass password manager applications for Windows, which are collectively used by 60 million users and 93,000 businesses worldwide.

(ISC)² Secure Summit EMEA will welcome hundreds of the best minds in cybersecurity
This year’s (ISC)² Secure Summit EMEA will take place in The Hague in April. In order to find out what elements set this event apart from other cybersecurity events, we sat down with Mary-Jo de Leeuw, Director of Cybersecurity Advocacy, EMEA at (ISC)².

Phishers’ new trick for bypassing email URL filters
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document's relationship file (word/_rels/document.xml.rels), the part many link filters rely on to find external URLs.
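The defensive lesson is that a .docx link scanner must not treat the relationship file as the only place a URL can live. The following is an added example, not code from the article or from any e-mail security product: it builds a minimal .docx in memory (a constructed sample, not a real lure) whose body carries the target inside a HYPERLINK field code while the relationship file omits it, then contrasts a rels-only extractor with one that scans the text, tails and attribute values of every XML part in the package. That the link survives in the body as a field code is an assumption made for the example; the article does not describe the exact document structure. The URL, the schema-host allowlist and the sample text are also assumptions.

```python
"""Added example: extract URLs from a .docx without trusting the relationship file."""
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

W_NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
R_NS = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
PKG_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
HYPERLINK_TYPE = R_NS + "/hyperlink"

URL_RE = re.compile(r"https?://[^\s\"'<>]+")
# Hosts that appear in every OOXML package purely as namespace / relationship-type
# identifiers (assumed allowlist; a production scanner would maintain a fuller one).
SCHEMA_HOSTS = {"schemas.openxmlformats.org", "schemas.microsoft.com", "www.w3.org", "purl.org"}

def build_docx(url, declare_relationship):
    """Constructed sample: a minimal .docx whose body carries a HYPERLINK field code.
    With declare_relationship=False the relationship file omits the target, which is
    the shape of the trick described above. A real .docx has more parts; the two
    written here are the ones a link scanner cares about."""
    document_xml = f'''<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:document xmlns:w="{W_NS}" xmlns:r="{R_NS}">
  <w:body><w:p>
    <w:r><w:fldChar w:fldCharType="begin"/></w:r>
    <w:r><w:instrText xml:space="preserve"> HYPERLINK "{url}" </w:instrText></w:r>
    <w:r><w:fldChar w:fldCharType="separate"/></w:r>
    <w:r><w:t>Review your invoice</w:t></w:r>
    <w:r><w:fldChar w:fldCharType="end"/></w:r>
  </w:p></w:body>
</w:document>'''
    rel = (f'<Relationship Id="rId1" Type="{HYPERLINK_TYPE}" Target="{url}" TargetMode="External"/>'
           if declare_relationship else "")
    rels_xml = (f'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n'
                f'<Relationships xmlns="{PKG_NS}">{rel}</Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("word/document.xml", document_xml)
        z.writestr("word/_rels/document.xml.rels", rels_xml)
    return buf.getvalue()

def _external_urls(text):
    """URLs in a string, minus the schema identifiers every package contains."""
    return {u for u in URL_RE.findall(text) if urlsplit(u).hostname not in SCHEMA_HOSTS}

def urls_from_rels(docx_bytes):
    """The filter that gets bypassed: only external relationship targets are read."""
    found = set()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for name in z.namelist():
            if name.endswith(".rels"):
                root = ET.fromstring(z.read(name))
                for rel in root.iter(f"{{{PKG_NS}}}Relationship"):
                    if rel.get("TargetMode") == "External":
                        found.add(rel.get("Target"))
    return found

def urls_from_all_parts(docx_bytes):
    """Hardened check: scan text, tails and attribute values of every XML part, and
    additionally the concatenated field codes, since Word may split one field's
    instrText across several runs and a URL could straddle the boundary."""
    found = set()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for name in z.namelist():
            if not name.endswith((".xml", ".rels")):
                continue
            root = ET.fromstring(z.read(name))
            for el in root.iter():
                for chunk in (el.text, el.tail, *el.attrib.values()):
                    if chunk:
                        found |= _external_urls(chunk)
            field_code = "".join(t.text or "" for t in root.iter(f"{{{W_NS}}}instrText"))
            found |= _external_urls(field_code)
    return found

if __name__ == "__main__":
    target = "https://example.invalid/login"           # assumed URL
    lure = build_docx(target, declare_relationship=False)
    print("rels only      :", urls_from_rels(lure))     # empty: the filter sees nothing
    print("all parts      :", urls_from_all_parts(lure))
```

The rels-only extractor is the behaviour being exploited; the second function is the one to ship. It still only finds literal URLs, so a scanner that wants to be thorough also resolves `r:id` references and looks inside embedded objects, but trusting a single manifest the attacker controls is the specific mistake this trick targets.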

Highly critical Drupal RCE flaw could lead to new Drupalgeddon, patch now!
A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over vulnerable Drupal installations and the websites running on them.

How are businesses facing the cybersecurity challenges of increasing cloud adoption?
Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many organizations, the 2019 Cloud Threat Report by Oracle and KPMG has shown.

Formjacking is the new get rich quick scheme for cybercriminals
Faced with diminishing returns from ransomware and cryptojacking, cybercriminals are doubling down on alternative methods, such as formjacking, to make money.

Rockwell Automation industrial energy meter vulnerable to public exploits
A low-skilled, remote attacker could use publicly available exploits to gain access to and tamper with a power monitor made by Rockwell Automation that is used by energy companies worldwide, ICS-CERT warns.

Free decryption tool could save victims millions in ransomware payments
A new decryption tool for the latest strain of GandCrab has been released for free on the No More Ransom repository.

European standards org releases consumer IoT cybersecurity standard
The European Telecommunications Standards Institute (ETSI) has released ETSI TS 103 645, a standard for cybersecurity in the Internet of Things, to establish a security baseline for internet-connected consumer products and provide a basis for future IoT certification schemes.

Indicators of poor password hygiene exposed
Account takeover facilitated by weak or stolen passwords is still one of the leading causes of fraud today.

Ryuk: What does the helpdesk tell us?
Cybercrime is the only criminal enterprise that comes with a helpdesk. It is an amusing side note in the world of digital crime, and while considerable effort has gone into understanding what the code reveals about the source of attacks, very little has been done regarding the administrative support provided by the malicious actors.
