Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day

Here’s an overview of some of last week’s most interesting news and articles:

Top videoconferencing attacks and security best practices
Videoconferencing has become a routine part of everyday life for remote workers, students, and families. Yet widespread adoption of this technology has also attracted nefarious characters whose motivations can range from simple disruption to full-out espionage.

SolarWinds hack investigation reveals new Sunspot malware
CrowdStrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software.

January 2021 Patch Tuesday: Microsoft plugs Defender zero-day RCE
Microsoft has plugged 83 security holes, 10 of which are critical. One of the latter – a zero-day RCE (CVE-2021-1647) affecting Microsoft Defender antivirus – is being exploited in the wild, but Microsoft didn’t reveal more about these attacks.

Addressing the lack of knowledge around pen testing
The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will be so difficult and time-consuming that all but the most elite nation-state level threat actors will give up and go in search of easier prey.

SOC analysts overloaded, but role more important than ever
Organizations are spending more to account for widespread security operations center (SOC) challenges, including growing security management complexity, increasing analyst salaries, and security engineering and management outsourcing costs, yet are still dissatisfied with the outcomes, Ponemon Institute and FireEye reveal.

Cybersecurity sales: Do you have what it takes to succeed?
Technology is at the heart of the world economy, and we’re moving into a new age of business where it’s technology – not people – that is becoming the differentiator, says Terry Greer-King, VP EMEA at SonicWall.

Five emerging fraud threats facing businesses in 2021
With the growing threat of fraud fueled by the digital acceleration that took place in 2020, Experian revealed five emerging fraud threats facing businesses in 2021.

Data industry trends to watch in 2021
Okera researchers revealed five pivotal data industry trends and predictions expected to emerge in 2021.

Critical factors for early 5G success
The 5G ecosystem is reaching a level of technology maturity much more rapidly than earlier generations, enabling operators to develop network deployment and go-to-market strategies that have mass-market appeal and are scalable across evolving B2C, B2B and B2B2X business models.

SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) again.

Most containers are running as root, which increases runtime security risk
While container usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack, according to Sysdig.

The future history of medical device cybersecurity
Regulators worldwide are working to close the healthcare vulnerability gap. And medical device manufacturers are waking up and responding positively to these emerging market pressures.

Securing the connected home: A joint task for homeowners and their ISP
As COVID-19 spread over the world and nations and businesses adapted to minimize citizens’ and employees’ personal interactions to help contain the infection, more people than ever stayed at and worked from home. As expected, this necessary adaptation did not go unnoticed by cyber criminals.

What analytics can unveil about bot mitigation tactics
25% of internet traffic on any given day is made up of bots, the Kasada Research Team has found. In fact, there is a synthetic counterpart for almost every human interaction online.

It’s time for a national privacy law in the US
The US remains one of the few major players in the global economy without national privacy legislation. Some states have enacted privacy laws, and the federal government has enacted industry-specific laws — HIPAA, Gramm-Leach-Bliley Act and FCRA — but there is no single, homogeneous enforceable set of data privacy guidelines that all US companies are required to follow.

Phishers count on remotely hosted images to bypass email filters
Images have been used for ages as a way to circumvent an email’s textual content analysis but, as security technologies became more adept at extracting and analyzing content from images, phishers began trying out several tricks to make the process more difficult and time-consuming for security scanners.

Understanding third-party hacks in the aftermath of SolarWinds
The SolarWinds hack is just one example of a third-party, supply chain compromise. And while the scale of the SolarWinds hack is certainly novel, third-party compromises are not.

Massive IT-employee disconnect hindering remote productivity
There’s a glaring disconnect between IT and employees that will hold organizations back from evolving with the market and embracing a long-term digital workplace that is successful, 1E reveals.

Strike a chord: What cybersecurity can learn from music
Most people have very little interest in learning about cybersecurity – awareness training is a chore, rather than a positive experience, and this is a huge part of the problem. To make cybersecurity more engaging for laypeople, we could start by making it as memorable as music often is.

Minimizing cyberattacks by managing the lifecycle of non-human workers
The number of non-human workers is growing, particularly as global organizations increasingly prioritize cloud computing, DevOps, IoT devices, and other digital transformation initiatives. Yet, organizations frequently only apply access controls to humans (employees, contractors, etc.), despite the risks associated with cyberattacks and data breaches linked to non-human workers and their privileged access to sensitive information.

Ubiquiti warns customers about potential data breach
American networking tech vendor Ubiquiti is asking customers to change their password because of unauthorized access to some of their information technology systems hosted by a third-party cloud provider.
