Week in review: Zerologon PoCs released, five steps to recover from ransomware, CISOs’ golden opportunity

Here’s an overview of some of last week’s most interesting news, reviews and articles:

Most people ignore QR code security concerns
QR codes are rising in popularity and use, according to a consumer sentiment study by MobileIron. Sixty-four percent of respondents stated that a QR code makes life easier in a touchless world – despite a majority of people lacking security on their mobile devices, with 51% of respondents stating they do not have or do not know if they have security software installed on their mobile devices.

Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability for organizations that are struggling with timely patching.

Review: Web Security for Developers: Real Threats, Practical Defense
Malcolm McDonald, with his 20 years of experience in programming, poured his knowledge into this book to offer comprehensive information about everything a developer needs to know to do their job properly and thoroughly.

Attacked by ransomware? Five steps to recovery
While there is a lot of discussion about preventing ransomware from affecting your business, the best practices for recovering from an attack are a little harder to pin down.

Microsoft open-sources tool that enables continuous developer-driven fuzzing
Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results directly from their build system.

Aiming for a career in cybersecurity? Now is the time to pick up new skills
The required security measures are known and advice for achieving remote work security is easy to get, but implementing it all takes time and effort. Even before the advent of COVID-19, organizations had trouble filling all the cybersecurity positions they opened – and their needs have surely intensified in the last few months.

What are the most vulnerable departments and sectors to phishing attacks?
Keepnet Labs has revealed the most vulnerable departments and sectors against phishing attacks, based on a data set of 410 thousand phishing emails, covering a period of one year.

Justifying your 2021 cybersecurity budget
Sitting in the midst of an unstable economy, a continued public health emergency, and facing an uptick in successful cyber attacks, CISOs find themselves needing to enhance their cybersecurity posture while remaining within increasingly scrutinized budgets.

Telehealth is healthcare industry’s biggest cybersecurity risk
The rapid adoption and onboarding of telehealth vendors led to a significantly increased digital footprint, attack surface, and cybersecurity risk for both provider and patient data, a new report released by SecurityScorecard and DarkOwl has shown.

Cyber losses are increasing in frequency and severity
Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear.

Safari 14: New privacy and security features
Apple has released Safari 14, which features many functional improvements and a Privacy Report that shows all the trackers the browser has neutralized, and does not support Adobe Flash anymore.

Attacks growing in both scope and sophistication, exposing gaps in the cloud native toolchain
There’s a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure, according to Aqua Security.

Mobile messengers expose billions of users to privacy attacks
A recent study by a team of researchers from the Secure Software Systems Group at the University of Würzburg and the Cryptography and Privacy Engineering Group at TU Darmstadt shows that currently deployed contact discovery services severely threaten the privacy of billions of users.

DDoS attacks rise in intensity, sophistication and volume
There have been significant shifts in DDoS attack patterns in the first half of 2020, a Neustar report reveals. There has been a 151% increase in the number of DDoS attacks compared to the same period in 2019. These included the largest and longest attacks that Neustar has ever mitigated at 1.17 Terabits-per-second (Tbps) and 5 days and 18 hours respectively.

In uncertain times, CISOs have a golden opportunity
As ransomware attacks become more frequent, IT and information security leaders often end up pointing fingers at each other after a cyber-attack. And there are many fingers in the room, adding to the chaos, trying to avoid responsibility, and deflecting ownership of the problem to other stakeholders.

How security theater misses critical gaps in attack surface and what to do about it
While there has been a strong industry movement towards security effectiveness and productivity, with approaches favoring prioritizing alerts, investigations and activities, there are still a good number of security theatrics carried out in many organizations.

How to enforce real-time controls based on behavior risk scoring
For decades, the traditional approach to securing digital assets has been based on using a primary set of credentials, namely a username and password. This binary model – a user supplies his/her credentials and they are allowed into the network, application, etc. – has run its course.

Report: The state of email security
The state of the world in 2020 is unlike anything we have experienced before, and it’s trickled down to have an impact on the IT and security world.

Google offers high-risk Chrome users additional scanning of risky files
Google is providing a new “risky files” scanning feature to Chrome users enrolled in its Advanced Protection Program (APP).

Product showcase: AppTrana
To shore up yesterday’s defense against today’s and tomorrow’s threats, defend your application by leveraging a new generation of risk-based fully managed cloud WAF.
