Week in review: Web shell malware, client-side web security, phishers exploit Zoom and WebEx

Here’s an overview of some of last week’s most interesting news and articles:

46% of SMBs have been targeted by ransomware, 73% have paid the ransom
Ransomware attacks are not at all unusual in the SMB community, as 46% of these businesses have been victims. And 73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals.

Web shell malware continues to evade many security tools
Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn.

Phishers exploit Zoom, WebEx brands to target businesses
Proofpoint researchers have spotted and documented email phishing campaigns targeting US companies in a variety of industries with emails impersonating Zoom and Cisco (WebEx).

Starbleed vulnerability: Attackers can gain control over FPGAs
In a joint research project, scientists have now discovered that a critical vulnerability is hidden in FPGAs. They called the security bug Starbleed.

Foiling content-borne attacks against a remote workforce
Opening a single email with a malicious URL or attachment can threaten your organization. In this interview, Liron Barak, CEO at BitDam, discusses the cybersecurity issue related to remote work, the inadequate security of collaboration tools, and more.

Review: Cybersecurity – Attack and Defense Strategies
Yuri Diogenes, a professor at EC-Council University and Senior Program Manager at Microsoft, and Dr. Erdal Ozkaya, a prominent cybersecurity professional, advisor, author, speaker and lecturer, published the second edition of their acclaimed book “Cybersecurity – Attack and Defense Strategies”.

Google unveils secure remote access service to unburden enterprise VPNs
Google has made available BeyondCorp Remote Access, a cloud-based, zero trust service that allows employees, contractors and partners to securely access specific corporate resources from untrusted networks without having to use the company’s VPN.

Phishers exploiting employees’ layoff, payroll concerns
A few days ago, we outlined several phishing campaigns going after Zoom and WebEx credentials of employees. Two new ones are trying to exploit their (at the moment very rational) fears by delivering fake “Zoom meeting about termination” emails and fake notifications about COVID-19 stimulation/payroll processing.

Five best practices for achieving and maintaining SOC 2 compliance
A crucial framework for technology companies and cloud-based organizations, SOC 2 is both a technical audit and a requirement that comprehensive information security policies and procedures be written and followed.

Average bandwidth of DDoS attacks increasing, APIs and applications under attack
The volume and complexity of attacks continued to grow in the first quarter of 2020, according to Link11.

What is the impact of AI and ML tools on cybersecurity?
89% of IT professionals believe their company could be doing more to defend against cyberattacks, with 64% admitting they are not sure what AI/ML means – despite increased adoption at a global scale, Webroot reveals.

Multiple vulnerabilities discovered in smart home devices
ESET researchers found serious security vulnerabilities in three different home hubs: Fibaro Home Center Lite, HomeMatic Central Control Unit (CCU2) and eLAN-RF-003.

Client-side web security
To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice.

Massive work-from-home movement exposes cybersecurity weaknesses
News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 organizations in the US had been infected prior to stay-at-home orders, according to Team Cymru and Arctic Security.

Multi-cloud key management and BYOK
Cloud providers such as Google Cloud Platform, AWS, and Microsoft Azure work hard to be the service provider of choice for enterprise customers. They often push the envelope with specialized features and capabilities unique to each platform. These features can often add real value for certain industries and applications and help to differentiate the platforms from each other.

Does working remotely actually work?
In the blink of an eye, remote work went from an experiment to a requirement. And as the results of a recent survey conducted by OnePoll reveal, work has a completely new look as employees around the world adapt to the realities of working from home.

Understanding web security solutions
As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees of effectiveness against different threats.

CISOs: Quantifying cybersecurity for the board of directors
Only 9% of security teams feel as if they are highly effective in communicating security risks to the board and to other C-suite executives, according to a recent survey conducted by the Ponemon Institute.

Five contingency best practices for SOCs to handle uncertainty
With a crush of new teleworkers and a significant increase in endpoints coming online, we’ve entered into a new reality. COVID-19 has disrupted our lives and the business world – possibly for longer than we’d planned. Once the pandemic ends, companies may take six months to get up and running normally, according to a CNBC Global CFO Council survey.

Let’s be realistic about our expectations of AI
Pop culture contains no shortage of intelligent robots. When the tool became viable and widely available in real life, people brought a number of enthusiastic but unrealistic expectations to the table. Unfortunately, Amazon’s Alexa isn’t as smart as HAL 9000, and a Roomba can’t clean your home like the Jetsons’ metallic maid, Rosie.

Handbook: Cyber-Risk Oversight 2020
The Internet Security Alliance (ISA) and the European Confederation of Directors’ Associations (ecoDa) released Cyber-Risk Oversight 2020, a handbook on cyber-risk management for corporate boards of directors in Europe.

Try the (ISC)² Utilizing Big Data course – a $200 value – for FREE!
For a limited time, (ISC)² is offering non-members FREE access to the Utilizing Big Data express learning course – a $200 value!

New infosec products of the week: April 24, 2020
A rundown of the most important infosec products released last week.
