Week in review: Kali Linux 2021.1, CNAME-based tracking, VMware vCenter Servers under attack

Here’s an overview of some of last week’s most interesting news and articles:

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems.

Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon Macs
Offensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it.

Physical cyber threats: What do criminals leave when they break in?
While businesses have continued to fortify their networks against remote invaders, most have overlooked the potential for cyber threats from physical intruders.

Accellion FTA attacks, extortion attempts might be the work of FIN11
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations.

CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which not only evades anti-tracking measures on most widely-used browsers but, according to researchers, it also introduces serious security and privacy issues.

How do I select a network monitoring solution for my business?
To select a suitable network monitoring solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Third-party risk management programs still largely a checkbox exercise
Enterprise third-party risk management (TPRM) programs have been around for a half-decade or longer, and at this point most large organizations run one. However, many of these TPRM programs only provide a thin veneer of cybersecurity assurance.

Criminals leveraging shift to remote work to develop targeted attacks
Malwarebytes announced the findings of its report which explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes.

Five factors driving investment in IDV
For billions of individuals around the world, digital identity became critical in 2020. As a result, the global identity verification market, which was already growing rapidly to support the digitization of a whole host of industries, is now booming.

Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations
After earning his master’s degree in computer science and working on the IT side of the business at a number of large financial services organizations, Bobby Balachandran observed one interesting thing: the legal department in these organizations had been left out of all the business process re-engineering projects that the rest of the business had undergone.

Adversaries exploit supply chains, double down on COVID-19 and ransomware
Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests.

10 COVID-19-related lessons for future-ready cybersecurity
In 2020, we experienced wave after wave of COVID-19 surges and watched failure after failure at practicing what we knew were effective preventative measures. Similarly, in December 2020, the Russia-backed SolarWinds malware attack resulted in the compromise of as many as 18,000 systems and countless confidential records.

Closing the data divide: How to create harmony among data scientists and privacy advocates
Balancing data privacy within an organization is no easy task, particularly for data scientists who need quick access to data, and security and governance teams whose job it is to protect it.

Database encryption: Protecting the crown jewels
Protecting the company crown jewels is something that most organizations take seriously, using network security, robust authentication and access controls within their toolsets.

Why enterprises need rugged devices with integrated endpoint management systems
The debate within business organizations of whether to use consumer devices or to invest in rugged devices for the operations side of their business is as old as personal computing itself. And with the pandemic having shown that endpoint management is now part of the cost of doing business, it’s time to put the tired old debate to rest once and for all.

Top cloud infrastructure risks faced by real-world organizations
There’s an increased adoption of managed infrastructure services and the emergence of new cloud watering hole attacks, Accurics reveals.

U.S. municipalities are the perfect target for cybercriminals in 2021
The struggle for adequate funding, the challenges in attracting skilled IT workers, and the widening cyber threat landscape are pushing municipalities to the brink.

The rise of non-English language spear phishing emails
Recently, researchers have observed an increase in the numbers of BEC emails including Italian, Spanish, German, and Slovenian.

2021 will be the year of hybrid working: How can CTOs keep staff secure and productive?
This year, companies are having to accept that things have yet to return back to “normal” and that remote working and hybrid working is here to stay for the foreseeable future.

Worldwide zero trust security market size to reach $51.6 billion by 2026
The global zero trust security market size is projected to grow from $19.6 billion in 2020 to $51.6 billion by 2026, recording a compound annual growth rate (CAGR) of 17.4% from 2020 to 2026, according to MarketsandMarkets.

Whitepaper – EDR to secure mobile devices: Coverage, limits & recommendations
The digitalization of services and expansion of remote working has heightened the number of off-premises users accessing cloud-based resources from their mobile device. In this configuration, each mobile device represents a point of entry for hackers, spies and cyberactivists. To secure information, it is critical to have an endpoint security strategy that reliably encompasses mobile devices and embraces all their aspects (iOS, Android Enterprise).

PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1
The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Secure Software Lifecycle (SLC) Standard and its supporting program documentation. The PCI Secure SLC Standard is one of two standards that are part of the PCI Software Security Framework (SSF).

More about

Don't miss