Week in review: Active Directory security, Dnsmasq vulnerabilities, how to select a fraud detection solution

Here’s an overview of some of last week’s most interesting news and articles:

Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning
Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices.

Vulnerability management isn’t working for cloud security: Here’s how to do it right
Three things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches. But there is no reason why public cloud or hybrid cloud breaches must remain so stubbornly persistent.

Malware incidents on remote devices increase
52% of organizations experienced a malware incident on remote devices in 2020, up from 37% in 2019, a Wandera report reveals.

How do I select a fraud detection solution for my business?
To select a suitable fraud detection solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Malwarebytes was breached by the SolarWinds attackers
A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion.

Are you vetting your MSSPs?
The move toward managed security services has some distinct advantages but may also create security gaps for organizations relying on a provider to secure their data.

Bugs in Signal, other video chat apps allowed attackers to listen in on users
Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed.

How to defend against today’s top 5 cyber threats
Cyber threats are constantly evolving. As recently as 2016, Trojan malware accounted for nearly 50% of all breaches. Today, they are responsible for less than seven percent.

Rethinking Active Directory security
In the wake of a cyberattack, Active Directory is sometimes dismissed as just another service that needs to be recovered, and security is an afterthought. But the hard reality is that if Active Directory is compromised, so is your entire environment.

Enterprises move on from legacy approaches to software development
Application development and maintenance services in the U.S. are evolving to meet changing demands from enterprises that need dynamic applications with rich user interfaces, according to a report published by Information Services Group.

Does your cloud stack move faster than your cloud security solutions?
New technologies require new skills and knowledge, and with the kind of lightning-fast pace of change we see in cloud computing, it’s easy to understand how blind spots and vulnerabilities slip through the net. After all, security in cloud environments is a far cry from securing on-premises infrastructure.

Bolstering healthcare IT against growing security threats
As the COVID-19 pandemic unfolds, healthcare organizations are scrambling to ensure the safety and support of patients and staff, while also integrating and learning new technologies to support telehealth practices.

Financial institutions can strengthen cybersecurity with SWIFT’s CSCF v2021
The Society for Worldwide Interbank Financial Telecommunications (SWIFT) has introduced an updated set of baseline customer security controls that all of its users must implement on their SWIFT-related infrastructure by mid-year 2021.

Ransomware provides the perfect cover
Attackers are using the noise of ransomware to their advantage as it provides the perfect cover to distract attention so they can take aim at their real target: exfiltrating IP, research, and other valuable data from the corporate network.

OpenWrt discloses forum data breach
The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum administrator.

Product showcase: Pentest Robots
End-to-end automation is the wrong approach to scale security testing if you want to deliver outstanding work. Pentest Robots make automation much more flexible, achievable, and beneficial for everyone involved.