Week in review: Attackers probing for vulnerable Exchange servers, RSA Conference 2020 coverage

Here’s an overview of some of last week’s most interesting news and articles:

RSA Conference 2020 coverage
Check out our microsite for related news, photos, product releases, and more.

Healthcare industry at greatest risk of data breach
The healthcare industry has significantly more exposed attack surfaces than any other industry surveyed, according to Censys’s research findings of cloud risks and cloud maturity by industry, revealed at RSA Conference 2020.

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?
CVE-2020-0688, a remote code execution bug in Microsoft Exchange Server that has been squashed by Microsoft in early February, is ripe for exploitation and could become a vector for ransomware groups in coming months, warns cybersecurity researcher Kevin Beaumont.

Almost three-quarters of all phishing sites now use SSL protection
The total number of phishing sites detected by the Anti-Phishing Working Group (APWG) worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019.

OpenDXL Ontology: An open source language for connecting cybersecurity tools
The Open Cybersecurity Alliance (OCA) announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework.

Google fixes another Chrome zero-day exploited in the wild
For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild.

A new way for securing web browsers from hackers
A powerful new approach to securing web browsers is getting its first real-world application in the Firefox browser.

CWE list now includes hardware security weaknesses
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses.

By exploiting an LTE vulnerability, attackers can impersonate mobile phone users
Exploiting a vulnerability in the mobile communication standard LTE, researchers at Ruhr-Universität Bochum can impersonate mobile phone users. Consequently, they can book fee-based services in their name that are paid for via the mobile phone bill – for example, a subscription to streaming services.

Hacking has become a viable career, according to HackerOne
Not only are more hackers spending a higher percentage of their time hacking, they’re also earning a living doing it.

Changing the mindset of the CISO: From enforcer to enabler
With digital transformation investments expected to reach a staggering $7.4 trillion before 2023, organizations realize that they must disrupt their markets or risk being disrupted themselves. However, with digital transformation comes a multitude of cybersecurity-related challenges to overcome, and it’s up to the CISO to help businesses navigate the associated risks.

Shadow IoT: A growing threat to enterprise security
Zscaler released their second annual IoT report, compiled after analyzing their customers’ IoT transactions in the Zscaler cloud for two weeks. The company found 553 different IoT devices across 21 categories from 212 manufacturers.

Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets
ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers.

97% of IT leaders worried about insider data breaches
A staggering 97% of IT leaders say insider breach risk is a significant concern, according to a survey by Egress.

Review: Specops Key Recovery
One of the more pressing risks linked to the use of mobile devices is the possibility of device loss or theft. If a device is lost, sensitive data (e.g., documents, account passwords) might get extracted and exposed.

Users still engaging in risky password, authentication practices
IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, according to Yubico and Ponemon Institute.

ENISA publishes procurement guidelines for cybersecurity in hospitals
The EU Agency for Cybersecurity (ENISA) published a cybersecurity procurement guide for hospitals.

Modern malware is increasingly leveraging evasive behaviors
Modern malware is increasingly leveraging evasive behaviors, a new report by VMware Carbon Black released at RSA Conference 2020 has revealed. The report uncovers the top attack tactics, techniques, and procedures (TTPs) seen over the last year and provides specific guidance on ransomware, commodity malware, wipers, access mining and destructive attacks.

eSentire Annual Threat Intelligence Report: 2019 Perspectives and 2020 Predictions
Eliminate guesswork and get in-depth insights and practical recommendations for navigating the ever-changing cybercrime landscape. This data-laden, incident-rich report delivers insider information on the players, their motivations, tactics and targets so you can make informed security strategy decisions.

Download: The Ultimate Security Pros’ Checklist
The Ultimate Security Pros’ Checklist provides you with a concise and actionable way to keep track of all your operational, management and reporting tasks.

A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional security holes have been plugged.

Share this
You are reading
abstract

Week in review: Attackers probing for vulnerable Exchange servers, RSA Conference 2020 coverage