Week in review: Windows zero-day exploited, Patch Tuesday forecast, selecting a compliance solution

Here’s an overview of some of last week’s most interesting news, reviews and articles:

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)
A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker’s malicious repository using a vulnerable Git version control tool, security researcher Dawid Golunski has discovered.

November 2020 Patch Tuesday forecast: Significant OS changes ahead
November Patch Tuesday and the end-of-year holidays are rapidly approaching. Microsoft gave us a late release or maybe an early gift depending upon how you look at the new version of Windows 10. The Patch Tuesday updates appear to be light, so things are looking much better as we enter the final stretch for 2020.

Paying a ransom to prevent leaking of stolen data is a risky gamble
Ransomware groups have realized that their tactics are also very effective for targeting larger enterprises, and this resulted in a 31% increase of the average ransom payment in Q3 2020 (reaching $233,817), ransomware IR provider Coveware shared in a recently released report.

Ryuk ransomware behind one third of all ransomware attacks in 2020
Cybercriminals are making growing use of ransomware, encrypted threats and attacks leveraging non-standard ports, while overall malware volume declined for the third consecutive quarter, SonicWall reveals.

What is ad fraud and how can advertisers fight against it?
According to HP Enterprise’s Business of Hacking report, ad fraud is the easiest and most lucrative form of cybercrime, above activities such as credit card fraud, payment fraud and bank fraud. Luke Taylor, COO and Founder of TrafficGuard, explains why businesses should do what they can to detect and prevent it.

How to deal with the escalating phishing threat
In today’s world, most external cyberattacks start with phishing. For attackers, it’s almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training.

Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero-day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw (CVE-2020-15999) that was patched on October 20. The company then patched two actively exploited Chrome zero-day vulnerabilities: CVE-2020-16009, present in the desktop version of the browser, and CVE-2020-16010, in the mobile (Android) version.

How smartphones became IoT’s best friend and worst enemy
Relying on the ubiquity of smartphones and the rise of remote controls, users and vendors alike have embraced the move away from physical device interfaces. This evolution in the IoT ecosystem, however, brings major benefits AND serious drawbacks.

Top tasks IT professionals are spending more time on
LogMeIn released a report that reveals the current state of IT in the new era of remote work. The report quantifies the impact of COVID-19 on IT roles and priorities for small to medium-sized businesses.

Quantum computers: How to prepare for this great threat to information security
Quantum computers also pose a big security problem. With exponentially higher processing power, they will be able to smash through the public-key encryption standards widely relied on today, threatening the security of all digital information and communication.

How do I select a compliance solution for my business?
To select a suitable compliance solution for your business, you need to think about a variety of factors. We’ve talked to several cybersecurity professionals to get their insight on the topic.

Review: Specops Password Policy
Specops Password Policy is a powerful tool for overcoming the limitations of the default password policies present in Microsoft Active Directory environments.

BEC attacks increase in most industries, invoice and payment fraud rise by 155%
BEC attacks increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud, Abnormal Security research reveals.

The power of trusted endpoints
The vision of trusted endpoints is becoming a reality and finally, context-specific identities can be provisioned into most consumer devices.

Enterprise IT security teams continue to struggle
CyberEdge conducted a web-based survey of 600 enterprise IT security professionals from seven countries and 19 industries in August 2020 in an effort to understand how the pandemic has affected IT security budgets, personnel, cyber risks, and priorities for acquiring new security technologies.

Cybersecurity training: Learn how to secure containerized environments
For the last several years, Sheila A. Berta, Head of Security Research at Dreamlab Technologies, has been conducting investigations in a variety of information security areas like hardware hacking, car hacking, wireless security, malware and – more recently – Docker, Kubernetes and cloud security.

60% of organizations have accelerated their zero trust projects
The COVID-19 pandemic has not impacted the adoption of zero trust technology globally, a Pulse Secure report reveals. In fact, 60% of organizations said they have accelerated zero trust implementation during the pandemic.

Moving past the madness of manually updated X.509 certificates
One of the greatest advantages of the Microsoft CA is automation, but that advantage does not extend to endpoints outside the Windows environment.

Technology solutions providers must empower end users to improve cybersecurity standards
Despite the increasing sophistication of cyber attacks, TSPs that invest in key foundational, standardized approaches to training put their clients in a much stronger position.

Take back control of IT with cloud native IGA
It’s very difficult for organizations to maintain the highly customized code that the first generation of IGA products required in their environments. All those changes to the code then need to be maintained. But modern IGA has learned from all the coding requirements of the past and now provides a much simpler way to give users different levels of access.

Report: Intelligent cyber threat response
Cybersecurity professionals know there are fundamental gaps in most cyber operations centers, one of which is the overwhelming level of effort required to understand cyber threat information.

Guide: 10 critical issues to cover in your vendor security questionnaires
In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire.

Video series: Get into the phisher’s mind
Check out this series to understand the phisher’s perspective and better defend your organization from cyber threats.

New infosec products of the week: November 6, 2020
A rundown of the most important infosec products released last week.
