Week in review: SAP apps under attack, Zero Trust creator talks, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and reviews:

SAP applications are getting compromised by skilled attackers
Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases security patches.

Office 365 phishing campaign uses publicly hosted JavaScript code
A new phishing campaign targeting Office 365 users cleverly tries to bypass email security protections by combining chunks of HTML code delivered via publicly hosted JavaScript code.

Cloud-native watering hole attack: Simple and potentially devastating
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored by their prey, attackers systematically infect websites likely to be visited by their targets.

Remote work: One of the legacies of the pandemic
An expectation on the part of workers that they will be allowed to work remotely more often will be one of the legacies of the pandemic, according to a study by Boston Consulting Group (BCG) and The Network.

MindAPI makes API security research and testing easier
Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier.

Zero Trust creator talks about implementation, misconceptions, strategy
A little over a decade ago, John Kindervag outlined the Zero Trust security model. As a VP and Principal Analyst on the Security and Risk Team at Forrester Research, he spent years doing primary research and the result was a new model of trust, a new approach to cybersecurity, and a security strategy designed to stop the mounting data breaches.

April 2021 Patch Tuesday forecast: Security best practices
March kept us all very busy with the ongoing out-of-band Microsoft updates for Exchange Server and the printing BSODs, which plagued us since last Patch Tuesday. It looks like a standard release of updates from Microsoft next week, but before we get to patching vulnerabilities, I would like to focus on the need to discover and report on them.

Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution.

We must crush digital misinformation before it destroys society
Digital communication is connecting people around the globe with tremendous benefits, but is also being misused in terrible ways that take advantage of the community. We are bombarded by misinformation posing as facts, leading to terrible fractures, victimization, and grief to the detriment of individuals and society as a whole.

Cybersecurity threats and cybercrime trends of 2020
Bitdefender released a report revealing top cybersecurity threats, frequency of threats and cybercrime trends of 2020.

Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT
Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard.

As online fraud rises, 72% of retail brands expect to grow fraud teams
Retailers around the world are increasing their fraud teams and budgets because of a significant rise in all types of online fraud during the pandemic, research by Ravelin finds.

99% of security pros concerned about their IoT and IIoT security
Tripwire announced the results of a research report that assessed the security of connected devices across enterprise environments in 2021. Conducted by Dimensional Research, the survey evaluated the opinions of 312 security professionals that manage the security of internet of things (IoT) and industrial internet of things (IIoT) devices across their organization.

How do I select an attack detection solution for my business?
To select a suitable attack detection solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Cybercriminals are using Telegram bots, Google Forms to gather stolen user data
Cybercriminals are increasingly using legitimate services such as Google Forms and Telegram to gather user data stolen on phishing websites. Alternative ways to collect data help cybercriminals keep it safe and start using the information immediately, says Group-IB.

Having a cybersecurity training program in place isn’t enough to ensure cyber safety
With cyberattacks increasing dramatically after the pandemic, TalentLMS and Kenna Security teamed up to gauge employees’ awareness and knowledge of cybersecurity risks. While 59% of employees received cybersecurity training from their companies in response to the COVID-19 outbreak, the survey uncovered that these initiatives have been insufficient.

Encryption is either secure or it’s not – there is no middle ground
The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any potential eavesdroppers (telecom providers, internet providers, law enforcement agencies) from being able to access the cryptographic keys needed to decrypt the conversation.

The impact of the CCPA on companies’ privacy practices
A new DataGrail report examined how millions of California consumers are exercising their privacy rights – to access their data, delete their data, and stop the sale of their data to a third party – according to the CCPA, which went into effect on January 1, 2020.

People are the weakest link in data breaches, but can they be held accountable?
In the people-process-technology triad, human error is the top reason for breaches, accounting for 70% of successful attacks, a Cyberinc survey reveals. The next biggest cause is vulnerability management through patches and upgrades, accounting for just 14% of successful attacks.

SASE or zero trust? Why security teams should be using both
As companies continue to navigate increasingly distributed environments, the question of zero trust is coming up more and more – as is the relationship between this framework and secure access service edge (SASE). Many security teams are looking to better understand zero trust security and SASE, including whether or not they are mutually exclusive or compatible.

4 things you can do to minimize cyberattacks on supply and value chains
How can your organization protect itself from a data breach by affected third parties in your supply or value chain? Apart from “basics” such as enforcing least privilege for third-party users and forcing administrative password resets on initial use (to avoid “username:admin, password:admin” scenarios), there are four unique and effective ways your organization can mitigate access-related third-party risk.

Number of eSIMs installed in connected devices to reach 3.4B in 2025
The number of eSIMs installed in connected devices will increase from 1.2 billion in 2021 to 3.4 billion in 2025, representing growth of 180%, a Juniper Research study found.

Review: Group-IB Threat Hunting Framework
We have tested Group-IB’s Threat Hunting Framework (THF), which tells the full story of an incident and its mastermind and can correlate events and alerts between different infrastructure layers, before escalating incidents that need additional attention from analysts.

New infosec products of the week: April 9, 2021
A rundown of the most important infosec products released last week.



