Week in review: Umasking cybercriminals, improving incident response, macOS Catalina security

Here’s an overview of some of last week’s most interesting news and articles:

Winning the security fight: Tips for organizations and CISOs
If you ask Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), overcoming denial of risk, employing the right cybersecurity leader, and defining clear goals are the three most critical objectives for avoiding a negative outcome.

Imperva explains how their recent security incident happened
In late August, Imperva suffered a security incident, resulting in the compromise of sensitive information of some of their Cloud WAF (formerly Incapsula) customers. On Thursday, Imperva CTO Kunal Anand finally explained how it all happened.

Cisco closes high-impact vulnerabilities in its security offerings
Cisco has fixed 18 high-impact vulnerabilities affecting several of its security offerings and is advising administrators to test and implement the offered security updates as soon as possible.

Free eBook: Threat intelligence platforms
ThreatConnect compiled the latest data and use cases on threat intelligence to help your organization better understand the purpose and function of a Threat Intelligence Platform (TIP).

2FA, HTTPS and private browsing still a mystery to most Americans
Most US adults know what phishing scams are and where they occur, what browser cookies do, and that advertising is the largest source of revenue for most social media platforms, a recent Pew Research Center survey aimed at testing American’s digital knowledge has revealed.

macOS Catalina: Security and privacy improvements
Apple has released macOS Catalina (v10.15), a new major release of its desktop operating system, which comes with many functional and security and privacy improvements.

Microsoft NTLM vulnerabilities could lead to full domain compromise
Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some cases, to achieve full domain compromise of a network.

Insider threats are security’s new reality: Prevention solutions aren’t working
nsider threats expose companies to breaches and put corporate data at risk. New research from Code42 questions whether the right data security solutions are being funded and deployed to stop insider threats and asserts that legacy data loss prevention solutions fall short in getting the job done.

Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of a target system.

Cloud-native applications need a unified continuous security approach
Cloud-native has arrived and now, it’s taking over. By 2021, 92% of companies will go cloud-native. It’s faster, it’s more efficient, more scalable, and more flexible. But is it more secure?

Product showcase: Awake Security Network Traffic Analysis Platform
Security experts profess that enterprise organizations must assume their network is already compromised. Cyber-attacks use network communications for malware distribution, command and control, and data exfiltration. With the right tools, security professionals should be able to uncover malicious activity and take prompt action to mitigate it.

Unmask cybercriminals through identity attribution
Organized crime has grown more complex since the turn of the century—coinciding with the rise of the digital world, cybercriminals have leveraged the proliferation of technology to broaden their reach with a more sophisticated network-structured model, effectively globalizing their operations in cyberspace and ultimately allowing cybercriminals to devastate companies and consumers alike.

Internal user mistakes create large percentage of cybersecurity incidents
Internal user mistakes created the largest percentage of cybersecurity incidents over the past twelve months (80%), followed by exposures caused by poor network system or application security (36%), and external threat actors infiltrating the organization’s network or systems (31%), SolarWinds research reveals.

Build or buy: What to consider when deploying on-premise or cloud-based PKI
Public Key Infrastructure (PKI), once considered an IT table stake, has transformed from a tool used to protect websites to a core digital identity management function within the cybersecurity framework. Today’s PKI establishes and manages digital identities across people, applications and devices within the enterprise.

Report: 2019 eSentire Threat Intelligence Spotlight
This new report, Threat Intelligence Spotlight: The Shifting Framework of Modern Malware, draws on data gathered from the 650-plus organizations that eSentire protects and Carbon Black’s extensive endpoint protection install base.

Organizations need tools that support DevOps security
Organizational silos create unnecessary security risk for global businesses. The lack of security involvement in DevOps projects was reportedly creating cyber risk for 72% of IT leaders, according to Trend Micro.

Whitepaper: Identifying Web Attack Indicators
Attackers are always looking for ways into web and mobile applications. The 2019 Verizon Data Breach Investigation Report listed web applications the number ONE vector attackers use when breaching organizations.

Digital transformation requires an aggressive approach to security
Organizations agree, building security into digital transformation initiatives is a priority, yet the recommended path to progress is unclear, according to a survey conducted by ZeroNorth.

Majority of IT departments leave major holes in their USB drive security
For the second year in a row, the majority of employers are failing to equip their employees with the appropriate technologies, procedures and policies to ensure data security across the organization, according to Apricorn.

64% of IT decision makers have reported a breach in their ERP systems in the past 24 months
ERP applications are ‘critical’ to business operations, according to the IDC survey of 430 IT decision makers.

The top 10 strategic government technology trends CIOs should plan for
The top 10 government technology trends for 2019-2020 that have the potential to optimize or transform public services have been identified by Gartner.

Phishing attempts increase 400%, many malicious URLs found on trusted domains
1 in 50 URLs are malicious, nearly one-third of phishing sites use HTTPS and Windows 7 exploits have grown 75% since January.

Cybercrime is maturing, shifting its focus to larger and more profitable targets
Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key element in cybercrime, both from a crime and an investigate perspective.

11 steps organizations should take to improve their incident response strategy
As the year draws to a close, it is time for businesses across all industries and sectors to reflect and prepare for the upcoming new year. With this in mind, FIRST has produced 11 vital steps that organizations should take to improve their incident response strategy.

New infosec products of the week: October 11, 2019
A rundown of infosec products released last week.

More about

Don't miss