Week in review: Automated pentesting, Oracle WebLogic servers under attack

Here’s an overview of some of last week’s most interesting news and articles:

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned.

Political campaigns adopt surveillance capitalism at their own peril
The race between competing political campaigns to out-collect, out-analyze and out-leverage voter data has raised concerns about the damaging effects it has on privacy and democratic participation, but also about the fact that all of this data, if seized by adversarial nation-states, opens up opportunities for affecting an election and sowing electoral chaos.

DNS attacks increasingly target service providers
The telecommunications and media sector is the most frequent victim of DNS attacks, according to EfficientIP.

Hackers breach psychotherapy center, use stolen health data to blackmail patients
News of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released.

A new threat matrix outlines attacks against machine learning systems
A report published last year has noted that most attacks against artificial intelligence (AI) systems are focused on manipulating them (e.g., influencing recommendation systems to favor specific content), but that new attacks using machine learning (ML) are within attackers’ capabilities.

Attacks on IoT devices continue to escalate
Attacks on IoT devices continue to rise at an alarming rate due to poor security protections and cybercriminals' use of automated tools to exploit these vulnerabilities, according to Nokia.

Attackers finding new ways to exploit and bypass Office 365 defenses
Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways (SEGs), an Area 1 Security study reveals.

How to apply data protection best practices to the 2020 presidential election
It’s safe to assume that we need to protect presidential election data, since it’s one of the most critical sets of information available. Not only does it ensure the legitimacy of elections and the democratic process, but also may contain personal information about voters. Given its value and sensitivity, it only makes sense that this data would be a target for cybercriminals looking for some notoriety – or a big ransom payment.

Work from home strategies leave many companies in regulatory limbo
Like most American businesses, middle market companies have been forced to rapidly implement a variety of work-from-home strategies to sustain productivity and keep employees safe during the COVID-19 pandemic. This shift, in most cases, was conducted with little chance for appropriate planning and due diligence.

Pktvisor: Open source tool for network visibility
NS1 announced that pktvisor, a lightweight, open source tool for real-time network visibility, is available on GitHub.

78% of Microsoft 365 admins don’t activate MFA
On average, 50% of users at enterprises running Microsoft 365 are not managed by default security policies within the platform, according to CoreView.

Cyber risk literacy should be part of every defensive strategy
While almost 95 percent of cybersecurity issues can be traced back to human error, such as accidentally clicking on a malicious link, most governments have not invested enough to educate their citizens about the risks, according to a report from the Oliver Wyman Forum.

Can automated penetration testing replace humans?
Recently though, tools that can be used to automate penetration testing under certain conditions have surfaced – but can they replace human penetration testers?

What the IoT Cybersecurity Improvement Act of 2020 means for the future of connected devices
Connected devices are becoming more ingrained in our daily lives and the burgeoning IoT market is expected to grow to 41.6 billion devices by 2025. As a result of this rapid growth and adoption at the consumer and commercial level, hackers are infiltrating these devices and mounting destructive hacks that put sensitive information and even lives at risk.

76% of applications have at least one security flaw
The majority of applications contain at least one security flaw and fixing those flaws typically takes months, a Veracode report reveals.

Most companies have high-risk vulnerabilities on their network perimeter
Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including network devices, servers, and workstations. The results show the presence of high-risk vulnerabilities at most companies. However, half of these vulnerabilities can be eliminated by installing the latest software updates.

MDR service essentials: Market trends and what to look for
Mark Sangster, VP and Industry Security Strategist at eSentire, is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations. In this interview, he discusses MDR services and the MDR market.

What’s next for cloud backup?
Cloud adoption was already strong heading into 2020. According to a study by O’Reilly, 88% of businesses were using the cloud in some form in January 2020. The global pandemic just accelerated the move to SaaS tools. This seismic shift where businesses live day-to-day means a massive amount of business data is making its way into the cloud.

Report: The need for pervasive email security
A more comprehensive email security solution is needed—one that protects at the perimeter, inside the network and the organization, and beyond the perimeter. Mimecast’s Email Security 3.0 strategy can help.

HITBSecTrain: Cutting-edge virtual cyber security trainings on a monthly basis
In November, to coincide with the virtual edition of HITBCyberWeek 2020, 10 deep-knowledge technical trainings are being offered, covering topics such as: 5G security awareness, practical malware analysis and memory forensics, mobile hacking, secure coding and DevSecOps, applied data science and machine learning for cybersecurity, and more.

New infosec products of the week: October 30, 2020
A rundown of the most important infosec products released last week.
