Week in review: Mass iPhone hacking, SSL VPNs under attack, SOC analysts overwhelmed

Here’s an overview of some of last week’s most interesting news, articles and podcasts:

Cybersecurity in the age of the remote workforce
Users can be set up for a productive experience while maintaining the security integrity for the enterprise.

Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate SSL VPN installations.

Five vendors accounted for 24.1% of vulnerabilities in 2019 so far
Further analysis reveals that 54% of 2019 vulnerabilities are Web-related, 34% have public exploits, 53% can be exploited remotely, and that 34% of 2019 vulnerabilities do not have a documented solution.

Worried about cyber pirates hijacking autonomous ships? Focus on port cybersecurity first
There is a glaring area of vulnerability on the port management side that has not been fully discussed or addressed: connected systems at our nation’s ports.

Google discovers websites exploiting iPhones, pushing spying implants en masse
Unidentified attackers have been compromising websites for nearly three years, equipping them with exploits that would hack visiting iPhones without any user interaction and deliver a stealthy implant capable of collecting much of the sensitive information found on users’ iOS-powered devices.

Imperva discloses security incident affecting Cloud WAF customers
Imperva, the well-known California-based web application security company, has announced that it has suffered a “security incident” involving its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.

1 in 4 employees would steal company information to secure their next job
According to a survey of 476 IT security professionals at Black Hat USA 2019, nearly one in four (24%) said they would take company information to help apply for a position at a competitor.

Attackers use large-scale bots to launch attacks on social media platforms
It has never been easier to connect with people worldwide on social media, gaming platforms or on digital marketplaces – and it has never been easier to launch large-scale automated, organized attacks on businesses from across the globe.

GitHub announces wider array of 2FA options, including security keys and biometrics
GitHub has started supporting the Web Authentication (WebAuthn) web standard, allowing users to use security keys for two-factor authentication with a wide variety of browsers and devices.

How to evaluate a password management solution for business
If a business is considering rolling out a password manager, there are a few things to consider when evaluating the options.

Knowing what’s on your hybrid-IT environment is fundamental to security
In this Help Net Security podcast recorded at Black Hat USA 2019, Shiva Mandalam, VP of Products, Visibility and Control at Qualys, talks about the importance of visibility.

Thinking network-first to protect against security threats
Taking a closer look at how to address the multitude of challenges posed to organizations’ networks, there are four considerations to adhere to, ranging from having a firm grasp of where data resides to having the proper strategy in place to maintain optimal cybersecurity posture.

Using deep learning and natural language understanding to protect enterprise communication
In this Help Net Security podcast recorded at Black Hat USA 2019, Dhananjay Sampath, CEO at Armorblox, talks about how they use natural language understanding and deep learning to automatically create and adapt policies, continuously measure risk exposure, and prevent attacks and data loss.

CISO priorities: Implementing security from the get-go
Organizations must change the way they implement security and change the way they look at it, says Dr. David Brumley, CEO of ForAllSecure, a Carnegie Mellon computer science professor (on leave), and part of the team that won the DARPA Cyber Grand Challenge.

Fileless attacks designed to disguise malicious activity up 265%
Trend Micro published its roundup report for the first half of 2019, revealing a surge in fileless attacks designed to disguise malicious activity. Detections of this threat alone were up 265% compared to the first half of 2018.

New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations
McAfee Advanced Threat Research (ATR) observed innovations in ransomware campaigns, with shifts in initial access vectors, campaign management and technical innovations in the code.

SOCs still overwhelmed by alert overload, struggle with false-positives
Security Operations Center (SOC) analysts continue to face an overwhelming number of alerts each day that are taking longer to investigate, leading five times as many SOC analysts this year to believe their primary job responsibility is simply to “reduce the time it takes to investigate alerts”.

What the education industry must do to protect itself from cyber attacks
Each year, more schools make the transition to the cloud and security falls further behind.

How passwords paved the way for new technology
With a password you don’t need any other device or apparatus to get access; it’s simple. But in its simplicity, there is significant risk. That risk is due in large part to management issues both on the back end (IT) and with the end-user.

Growing cloud adoption introduces visibility gaps and security complications
As the quantity and frequency of advanced threats continue to accelerate, a new SANS Institute survey found that a continued lack of visibility and the complexity of managing data across on-premises and cloud infrastructures further complicate the battle against such threats.

What can be done about the rising click interception threat?
Ad networks’ increasingly successful efforts to detect bot-based ad click fraud have forced attackers to focus more on intercepting and redirecting legitimate users’ clicks.