Week in review: Attacks on Exchange servers escalate, the influence of the Agile Manifesto, O365 phishing

Here’s an overview of some of last week’s most interesting news and articles:

Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departments
A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries.

The benefits and challenges of passwordless authentication
More and more organizations are adopting passwordless authentication. Gartner predicts that, by 2022, 60% of large and global enterprises as well as 90% of midsize enterprises will implement passwordless methods in more than half of use cases.

If you are not finding vulnerabilities, then you are not looking hard enough
Building security and privacy into products from concept to retirement is not only a strong development practice but also important to enable customers to understand their security posture and truly unleash the power of data.

With data volumes and velocity multiplying, how do you choose the right data security solution?
There is no doubt that the COVID-19 pandemic has caused radical changes in our personal and working lives. The sudden and massive surge of employees working from home and the anticipated long-term popularity of the option is also forcing CIOs and CISOs to gauge – to the best of their abilities – how the balance of remote and in-person operations will look in the coming months and years.

Security threats increasing with 70% using personal devices for work
Samsung has revealed the results of a multi-industry research study, which identifies the main technology challenges UK businesses have faced over the last year – and the key solution they’re turning to – as the nation prepares for a future of hybrid working.

As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early March. To help administrators, the company has released Exchange On-Premises Mitigation Tool (EOMT), which quickly performs the initial steps for mitigating ProxyLogon on any Exchange server and attempts to remediate found compromises.

Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities
Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security Agency (CISA) has released CHIRP, a forensic tool that can help defenders find IoCs associated with the SolarWinds attackers’ activities.

The future of IT security: All roads lead to the cloud
More and more applications – and with them workflows and entire business processes – are finding their way into the cloud. Analysts predict that IT security will follow suit, and this raises a few questions.

Securing a hybrid workforce with log management
Moving to a remote workforce in response to the pandemic stay-at-home orders meant that IT departments needed to address new risks, e.g., insecure home networks. However, as they begin to move back into offices, many of these challenges will remain.

A strategic approach to identity verification helps combat financial crime
70% of financial services organizations are taking a strategic approach to identity verification to combat financial crime and stay one step ahead of fraudsters according to Trulioo.

Alarming number of consumers impacted by identity theft, application fraud and account takeover
A new report, developed by Aite Group, and underwritten by GIACT, uncovers the striking pervasiveness of identity theft perpetrated against U.S. consumers and tracks shifts in banking behaviors adopted as a result of the pandemic.

Why data privacy will be the catalyst for digital identity adoption
Identity fraud is rising, even more so since the COVID-19 pandemic took hold, buoyed by the sheer volume of personal information out there.

The dangers of misusing instant messaging and business collaboration tools
71% of office workers globally – including 68% in the US – admitted to sharing sensitive and business-critical company data using instant messaging (IM) and business collaboration tools, Veritas Technologies research reveals.

Why is financial cyber risk quantification important?
Why are executives pressuring CISOs to start financially quantifying cyber risk for their business? This process allows CISOs to identify and rank risk scenarios that are most critical to their enterprise, based on factors such as which attacks would have the biggest financial impact, and how equipped the company is to defend itself against any given attack.

Where is 5G heading, and how fast will it get there?
When it comes to 5G, carriers are optimistic. In fact, more than half of those surveyed by Dimensional Research expect to deliver substantial end-user benefits within two to five years while 47% reported that users already are seeing value or will within one year.

iOS app developers targeted with trojanized Xcode project
The trojanized version of the project – dubbed XcodeSpy by the researchers – executes an obfuscated Run Script when the developer’s build target is launched. The script contacts a C&C server and downloads a custom variant of the EggShell backdoor

Password reuse defeats the purpose of passwords
When a person reuses the same password across multiple accounts, one account’s exposure puts all the others at risk. To prevent this, cybersecurity awareness programs must emphasize the importance of passwords: how to create them, use them, and how to use a password manager.

Threat actors thriving on the fear and uncertainty of remote workforces
The pandemic’s work-from-home reality resulted in an unprecedented change for organizations as they fought to defend exponentially greater attack surfaces from cybercriminals armed with powerful cloud-based tools, cloud storage and endless targets. As working environments evolved, so did the methods of threat actors and other motivated perpetrators, as detailed in the SonicWall report.

Women helping women: Encouraging inclusivity in the cybersecurity industry
Since 1987, the month of March has been known as Women’s History Month, celebrating the historical achievements and contributions of women around the world. It is especially important during this time of reflection and celebration that we recognize the important role women have played in the growing security sector over the years.

Years-old MS Office, Word flaws most exploited to deliver malware
29% of malware captured was previously unknown – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection, according to a HP report.

DDoS attacks surge as cybercriminals take advantage of the pandemic
DDoS attacks reached a record high during the pandemic as cybercriminals launched new and increasingly complex attacks, a Link11 report reveals.

Risk management in the digital world: How different is it?
Managing risk arising from remote work has largely been reactive, and risk managers have had to adapt to new digital threats that weren’t necessarily as prevalent when work was done from a physical office.

The influence of the Agile Manifesto, 20 years on
In the years since the Manifesto was first published, Agile has been adopted by domains outside of software development, including hardware systems, infrastructure, operations, and even business support to name a few.

The DevOps Guide to Terraform Security
While there are many benefits to using Terraform as part of your infrastructure provisioning workflow, there are also key security considerations that we will cover in this paper.

New infosec products of the week: March 19, 2021
A rundown of the most important infosec products released last week.

More about

Don't miss