Week in review: MFA effectiveness, SMBs and Win7 security, the quantum computing threat

Here’s an overview of some of last week’s most interesting news, interviews and articles:

Unpatched Android flaw exploited by attackers, impacts Pixel, Samsung, Xiaomi devices
A privilege escalation vulnerability affecting phones running Android 8.x and later is being leveraged by attackers in the wild, Google has revealed.

Sophos Managed Threat Response: An evolved approach to proactive security protection
In its 2019 market guide for managed detection and response (MDR) services, Gartner forecasted that by 2024, 25% of organizations will be using MDR services, up from less than 5% today.

How long before quantum computers break encryption?
The verdict is in: quantum computing poses an existential threat to asymmetric cryptography algorithms like RSA and ECC that underpin practically all current Internet security.

Danish company Demant expects to suffer huge losses due to cyber attack
Danish hearing health care company Demant has estimated it will lose between $80 and $95 million due to a recent “cyber-crime” attack.

Good cybersecurity comes from focusing on the right things, but what are they?
“There is no wrong way into the security field and it’s never too late to make a career switch that will take you there,” says Mark Orlando, CTO at Raytheon Cyber Protection Solutions.

Ransomware attacks against small towns require collective defense
There is a war hitting small-town America. Hackers are not only on our shores, but they’re in our water districts, in our regional hospitals, and in our 911 emergency systems.

Google adds Password Checkup feature to Google Accounts, Chrome
The popularity of Google’s Password Checkup Chrome extension has spurred the company to build the technology into Google Account’s Password Manager and the Chrome browser.

Microsoft will continue providing Windows 7 security updates for SMBs
Luckily for SMBs that don’t want to or can’t upgrade from Windows 7, Microsoft has decided to provide extended security updates (ESU) through January 2023 – if they are willing to pay for them, of course.

Guess what? You should patch Exim again!
Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution.

eBook: The DevOps Roadmap for Security
DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability.

Urgent11 flaws affect more medical, industrial devices than previously thought
When, in late July, Armis researchers revealed the existence of the so-called Urgent11 vulnerabilities in Wind River’s VxWorks real-time operating system, they noted that RTOS offerings by other vendors may also be vulnerable.

PDFex attacks can exfiltrate content from encrypted PDF documents
Researchers from Ruhr University Bochum and Münster University of Applied Sciences have devised new attacks allowing them (and potential attackers) to recover the plaintext content of encrypted PDF documents.

Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping
Cequence Security’s CQ Prime Threat Research Team discovered a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially allows an attacker to enumerate or list and view active meetings that are not protected.

October 2019 Patch Tuesday forecast: Be sure to apply service stack updates
The service stack is the Windows operating system component responsible for processing and deploying the OS and application patches/updates. Because this component is so critical to the ongoing maintenance and stability of the endpoint, Microsoft provides separate updates for the servicing stack itself in the form of SSUs.

Microsoft: Any form of MFA takes users out of reach of most attacks
What users need to know and accept is that not all MFA options are equally secure but that, generally, they are all a safer option than using just a password.

Managing and monitoring privileged access to cloud ecosystems
Cloud data breaches are on the rise, demonstrating time and again the need for a different approach and strategy when it comes to managing and monitoring privileged access to cloud ecosystems.

ThreatConnect Platform: Security insight for sound decision-making
In this interview, Jason Spies, VP of Engineering & Chief Architect, ThreatConnect, talks about the powerful features of the ThreatConnect Platform.

Microsoft to block 40+ additional file extensions in Outlook on the web
Microsoft is planning to block by default 40+ new file types in Outlook on the web to improve the security for their customers.

Assessing risk: Measuring the health of your infosec environment
There is an uncomfortable truth that many organizations are not conducting comprehensive assessments of their information security risk; or those that do aren’t getting much value out of assessment exercises — because they simply don’t know how.

Tolly report: Evaluating the evolution of network traffic analysis technology
Network Traffic Analysis has been rapidly evolving to counter the increased sophistication of threats experienced by organizations worldwide. Test methodologies and tools are not yet available which provide security professionals with the ability to test how well the products currently on the market perform.

DevSecOps is emerging as the main methodology for securing cloud-native applications
Only 8 percent of companies are securing 75 percent or more of their cloud-native applications with DevSecOps practices today, with that number jumping to 68 percent of companies securing 75 percent or more of their cloud-native applications with DevSecOps practices in two years, according to ESG.

The 5 biggest examples of executive threats and how to prevent them
Many executives focus their security efforts and budgets solely on physical threats, but attacks targeting an executive’s digital presence can be just as dangerous.

Companies vastly overestimating their GDPR readiness, only 28% achieving compliance
Over a year on from the introduction of the General Data Protection Regulation (GDPR), the Capgemini Research Institute has found that companies vastly overestimated their readiness for the new regulation with just 28% having successfully achieved compliance.

A proactive approach to cybersecurity requires the right tools, not more tools
The key challenge facing security leaders and putting their organizations at risk of breach is misplaced confidence that the abundance of technology investments they have made has strengthened their security posture, according to a study conducted by Forrester Consulting.

Email is an open door for malicious actors looking to exploit businesses
There’s an alarming scale of risks businesses are up against in a time when email is proving an open door for cybercriminals and malicious actors looking to disrupt, exploit and destroy businesses, according to Wire.

38% of the Fortune 500 do not have a CISO
To uncover whether the world’s leading companies are committed to enhancing their cybersecurity initiatives, Bitglass researched the members of the 2019 Fortune 500 and analyzed public-facing information such as what is available on their websites.

Enterprises leaving themselves vulnerable to cyberattacks by failing to prioritize PKI security
IoT is one of the fastest growing trends in technology today, yet enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI security, according to new research from nCipher Security.

New infosec products of the week: October 4, 2019
A rundown of infosec products released last week.
