Week in review: Most used MITRE ATT&CK tactics, boosting the “Sec” in DevSecOps

Here’s an overview of some of last week’s most interesting news and articles:

Nearly 40% of consumers lost money to phone scams in 2020
Businesses and consumers are relying on the voice call more than ever during the pandemic with voice traffic up 184% in 2020 compared to 2019, according to a Hiya report.

Phishers tricking users via fake LinkedIn Private Shared Document
Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns.

Top 10 most used MITRE ATT&CK tactics and techniques
Which tactics and techniques are cyber attackers favoring? vFeed has compiled a list of the Top 10 Most Used MITRE ATT&CK Tactics and Techniques to help security teams focus their defenses more effectively.

How do I select a DRM solution for my business?
To select a suitable DRM solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Enable secure remote workspaces without trashing your entire IT infrastructure
At the start of the pandemic, many large enterprises had VDI or DaaS solutions in place for a subset of their workforce. Many medium-to-large enterprises did, as well. Even so, as companies tried to scale these remote work solutions overnight, they realized they were ill-prepared.

Apple details major security, privacy enhancements in its devices
On Thursday, Apple released a newer version of its Platform Security Guide, outlining the security and privacy innovations and improvements its users will be able to take advantage of.

Hackers exploited Centreon monitoring software to compromise IT providers
Unknown hackers – possibly the Sandworm APT – have been compromising enterprise servers running the Centreon monitoring software for over three years, the French National Cybersecurity Agency (ANSSI) has shared.

Tips for boosting the “Sec” part of DevSecOps
The most significant barrier to achieving DevSecOps is the continued perception that “Sec” is not already a part of “Dev” and “Ops”, says James Arlen, CISO at cloud data platform provider Aiven. Also, the fact this needs to be explicitly called out is actually a barrier in itself.

Rampant password reuse puts companies and customers at risk
25.9 million business account credentials and over 543 million breach assets tied to employees in the Fortune 1000 are readily available on the criminal underground, SpyCloud reveals.

Have we put too much emphasis on protecting the network?
Recently, much of the cybersecurity commentary and blogs have talked about new approaches for protecting the network, especially beyond the perimeter. For the past few years, the industry has focused on conditional access (i.e., identity as the new perimeter) and even zero trust.

Malware increased by 358% in 2020
A research study conducted by Deep Instinct reports on the hundreds of millions of attempted cyberattacks that occurred every day throughout 2020, showing that malware increased by 358% overall and ransomware increased by 435% compared with 2019.

Homomorphic encryption: Myths and misconceptions
The field of homomorphic encryption has been the focus of academic research for more than four decades, but it has garnered increased attention of late as a pillar of a broader category known as Privacy Enhancing Technologies (PETs).

Why contextual machine learning is the fix that zero-trust email security needs
Email data breaches are on the rise. Our recent research found that 93% of organizations have experienced an email data breach in the last 12 months, at an average rate of one incident every 12 working hours.

Knowledge graphs: The secret of Google Search and now XDR
Wading through waves of alert noise to find real threats and manually connecting the dots to find context in real-time attacks are essential capabilities in today’s cyberthreat detection and response battleground.

Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code
Microsoft has completed its internal investigation into the Solorigate (SolarWinds) security incident and has discovered that the attackers were very interested in the code of various Microsoft solutions.

Most security pros think a WAF is high maintenance
An organization’s web application firewall (WAF) is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are spending an outsized allotment of resources on modifying these mission-critical elements, a Neustar report reveals.

What behavioral experts can teach us about improving security
As organizations tackle the new reality of a distributed workforce, there is much to be learned from the behavioral economics discipline. Behavioral economists study the psychological, cognitive, emotional, cultural and social factors that impact the decisions that people make. Typically, their expertise is applied to financial markets.

Why do enterprise SOC teams need CIEM now?
CIEM is the next generation of solutions for managing entitlements and permissions for all cloud infrastructure identities and resources and enforcing least privilege policies in the cloud. This enables organizations to design and implement zero trust architectures in multi-cloud and hybrid cloud environments.

57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, detailing the rise of low complexity vulnerabilities as well as those which require no user interaction to exploit.

Quantum computing and encryption: Key to achieving resilience, technological sovereignty and leadership
Cryptography is a vital part of cybersecurity. Security properties like confidentiality, integrity, authentication and non-repudiation rely on strong cryptographic mechanisms, especially in an always connected, always online world.

Cybersecurity risks connected to AI in autonomous vehicles
By removing the most common cause of traffic accidents – the human driver – autonomous vehicles are expected to reduce traffic accidents and fatalities. However, they may pose a completely different type of risk to drivers, passengers and pedestrians.

Cyber Underground General Intelligence Requirements Handbook
The Cyber Underground General Intelligence Requirements Handbook (CU-GIRH) is a baseline tool to assist in organizing, prioritizing, producing and measuring production of cyber underground intelligence.

Free certification Exam Action Plan from (ISC)²
Even the best-laid plans can go astray, but you can get your certification goals back on track for success.
