Here’s an overview of some of last week’s most interesting news, articles and podcasts:
March 2020 Patch Tuesday forecast: Let’s put the madness behind us
Did you survive the madness of February 2020 Patch Tuesday and its aftermath? We saw Windows 7 and Server 2008 finally move into extended security support and then Microsoft pulled a rare, standalone Windows 10 security patch following some unexpected results.
How to gather cyber threat intelligence from dark markets without breaking US law
The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the (U.S. federal criminal) law.
Fake alerts about outdated security certificates lead to malware
Cyber criminals have been trying out a new approach for delivering malware: fake alerts about outdated security certificates, complete with an “Install (Recommended)” button pointing to the malware.
Kali Linux evolution: What’s next for the open source pentesting Linux distro?
The Kali open source project is funded and maintained by Offensive Security and Kali development is decided on and performed by a very small core team. Still, over the last year, they’ve made it a priority to leverage contributions from outside of it.
Ransomware getting more fearsome, but there’s reason for optimism
Cybercriminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A report from F-Secure documents a steep increase in attack traffic in 2019 that was unmatched by previous years.
Vulnerability allows attackers to register malicious lookalikes of legitimate web domains
Cybercriminals were able to register malicious generic top-level domains (gTLDs) and subdomains imitating legitimate, prominent sites due to Verisign and several IaaS services allowing the use of specific characters that look very much like Latin letters, according to Matt Hamilton, principal security researcher at Soluble.
Exploring the impact that hybrid cloud is having on enterprise security and IT teams
As enterprises rapidly transition to the public cloud, complexity is increasing, visibility and team sizes are decreasing, and security budgets remain flat, which poses a significant obstacle to preventing data breaches, according to FireMon’s 2020 State of Hybrid Cloud Security Report.
Unsecured databases continue leaking millions of records
UK ISP and telecom provider Virgin Media confirmed on Thursday that one of its unsecured marketing databases had been accessed on at least one occasion without permission (though the extent of the access is still unknown).
Security operations and the evolving landscape of threat intelligence
In this podcast recorded at RSA Conference 2020, we’re joined by the ThreatQuotient team talking about a threat-centric approach to security operations, the evolution of threat intelligence and the issues surrounding it.
5 considerations for building a zero trust IT environment
Zero trust isn’t a product or service, and it’s certainly not just a buzzword. Rather, it’s a particular approach to cybersecurity. It means exactly what it says – not “verify, then trust” but “never trust and always verify.”
You are focusing too much on vulnerabilities that pose little danger
Only half of the vulnerabilities in cloud containers ever posed a threat, according to a Rezilion study.
Microsoft releases PowerShell 7 for Windows, macOS and Linux
Microsoft has released PowerShell 7, the latest major update to its popular task automation tool and configuration management framework that can be used on various operating systems.
Soon, your password will expire permanently
Despite increased investments in global information security spending, companies still continue to get breached, and the majority of the time this is due to poor password practices.
Email domains without DMARC enforcement spoofed nearly 4X as often
As of January 2020, nearly 1 million (933,973) domains have published DMARC records — an increase of 70% compared to last year, and more than 180% growth in the last two years. In addition, 80% of all inboxes worldwide do DMARC checks and enforce domain owners’ policies — if domain owners have configured DMARC, a new Valimail report reveals.
Researchers use ultrasound waves vibrating through tables to access cellphones
Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. All without the phone owner’s knowledge. Attacks on cell phones aren’t new, and researchers have previously shown that ultrasonic waves can be used to deliver a single command through the air.
How adaptive trust makes security efficient
Adaptive trust begins by collecting data across the enterprise about user activities – who does what and when, and which apps and data they use to accomplish their tasks. Then algorithms are trained on the information to discern typical patterns, creating alerts when an activity is outside of what has been established as a normal baseline.
Do you have a data breach response plan?
While corporations today are more knowledgeable about security threats and prepared to respond to data breaches, there are key areas in which progress declined in 2019, according to a study conducted by the Ponemon Institute.
Guide: 10 critical issues to cover in your vendor security questionnaires
In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire. But these can be a headache, because many questionnaires include hundreds of questions, and many of them are irrelevant. What are the key questions that must be addressed to determine if vendors have a strong cyber posture?
Your cybersecurity strategy could use some ESP
Embedding cybersecurity into our enterprises remains a difficult problem to solve. Year after year, billions of dollars are spent on building checks and controls, but the rate of attacks and breaches has only accelerated. No one seems to be immune.
Online payment fraud attempts see 73% increase
Online payment fraud attempts increased by 73 percent in 2019, according to a report from Sift.
Orgs that sacrifice mobile security are twice as likely to suffer a compromise
The percentage of companies admitting to suffering a mobile-related compromise has grown (39%, compared to last year’s 33%) despite a higher percentage of organizations deciding not to sacrifice the security of mobile and IoT devices to meet business targets.
Social engineering: Mind the identity verification gap
Regardless of organization size, attacks are becoming more targeted due to the proliferation of data. This calls for IT departments to close the identity verification gaps.
Let’s Encrypt will revoke 3m+ TLS/SSL certificates
The non-profit certificate authority Let’s Encrypt begins its effort to revoke a little over 3 million TLS/SSL certificates that it issued while a bug affected its CA software.