Week in review: Oracle WebLogic zero-day under attack, a new way to improve network security

Here’s an overview of some of last week’s most interesting news and articles:

Qualcomm chips leak crypto data from secure execution environment
A vulnerability in Qualcomm chips could be exploited by attackers to retrieve encryption keys and sensitive information from the chipsets’ secure execution environment, NCC Group researchers have found.

PDF: The vehicle of choice for malware and fraud
There has been a substantial increase in fraudulent PDF files, according to a report by SonicWall Capture Labs threat researchers.

What you can expect at HITBSecConf2019 Amsterdam
Taking place across 5 days from the 6th till the 10th of May 2019, HITBSecConf2019 Amsterdam is one of the most prestigious cybersecurity events in Europe. With the event celebrating a decade of excellence, we took this opportunity to sit down with Dhillon Andrew Kannabhiran, the Founder and CEO of Hack in The Box, to talk about this year’s conference.

Cybercriminals are becoming more methodical and adaptive
Cybercriminals are deviating towards a more focused approach against targets by using better obfuscation techniques and improved social engineering skills as organizations improve in areas such as time to detection and response to threats, according to Trustwave.

Scientists may have identified a new way to improve network security
Researchers at the U.S. Army Combat Capabilities Development Command’s Army Research Laboratory, the Army’s corporate research laboratory also known as ARL, and Towson University may have identified a new way to improve network security.

Researchers flag new Oracle WebLogic zero-day RCE flaw
Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal.

Another European manufacturer crippled by ransomware
Aebi Schmidt, a Switzerland-based manufacturer and provider of municipal and agriculture machinery, has apparently been hit by ransomware.

Employers should develop cybersecurity protocols and invest more in employee training programs
Organizations want to trust their employees when it comes to cybersecurity, but to do so, they need to better leverage technology.

The foundation: Quantifying risk with focused security measurement
When you hear “quantify risk,” you might think it’s the buzz-term du jour. You might be right.

Are your passwords among the 100,000 most breached ones?
Year after year, the list of most often used passwords changes but a little: the latest one, compiled by infosec researcher Troy Hunt and published by the UK National Cyber Security Centre (NCSC), puts “123456”, “123456789”, “qwerty”, “password” and “111111” on the top five spots.

Nearly half of firms suffer data breaches at hands of vendors
As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. As privacy laws and cybersecurity regulations continue to increase accountability around data confidentiality and protection, eSentire wanted to know how seriously firms take the risks associated with third-party vendors, and their vendors’ vendors.

Attackers are weaponizing more vulnerabilities than ever before
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the latest RiskSense report.

Whitepaper: Third-Party Risk to the Nth Degree
For many, cost-effective scalability usually means outsourcing some or all of your business functions to a complex web of third-party vendors.

Best practices when implementing SD-WAN
SD-WAN involves many components that contribute to overall internet network performance such as national policy, security, hardware delivery, installation and cloud applications. Each element can significantly affect a successful SD-WAN transformation.

You can’t fix what you can’t see: A new way of looking at network performance
Network performance, or the service quality of a business’ network, is critical to running a successful enterprise. Imagine the cost to an organization when the corporate network or the e-commerce site is down or experiencing unacceptable latency.

Which employees receive the most highly targeted email-borne threats?
Workers in R&D/Engineering are the most heavily targeted group of employees within organizations, a new Proofpoint report says, and lower-level employees are at a higher risk of email-borne cyber threats than higher-level management roles and executives.

Latest numbers show why BEC/EAC scams are here to stay
Extortion has become the second most often reported type of cybercrime, but BEC/EAC scams still reign supreme when it comes to monetary loss (or criminals’ earnings), the latest IC3 Internet Crime Report has revealed.

Too fast, too insecure: Securing Mongo Express web administrative interfaces
Mongo Express is a lightweight web-based administrative interface deployed to manage MongoDB databases interactively. It is authored using Node.js, Express and Bootstrap packages. This case study highlights the deployment of Mongo Express admin panels without authentication on the Internet and the various measures to prevent the exposure.

Underserved populations unaware of cybersecurity risks
Members of underserved populations are less likely to know whether they have even been victimized by a cyber attack, and they have lower awareness of cybersecurity risks.
