Week in review: New DNS vulnerabilities, benefits of cyber threat intelligence, FBI removes web shells

Here’s an overview of some of last week’s most interesting news, articles and podcasts:

New DNS vulnerabilities have the potential to impact millions of devices
Forescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK.

FBI removes web shells from hacked Microsoft Exchange servers
Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States.

Securing an online marketplace through the COVID-19-fueled boom
When COVID-19 began to spread around the globe, citizens of many countries were instructed to stay at and work from home. Most non-essential brick-and-mortar shops were closed for weeks and months, and that sudden development forced many customers to do their shopping online.

The benefits of cyber threat intelligence
In this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence. He also talks about how Intel 471 approaches adversary and malware intelligence.

Protecting the human attack surface from the next ransomware attack
When IT and security professionals plan how to respond, they must not underestimate the degree to which many of the transformative changes to our working patterns enacted due to COVID-19 have already changed our risk of ransomware attacks.

330 million people across 10 countries were victims of cybercrime in 2020
NortonLifeLock revealed that in the past year nearly 330 million people across 10 countries were victims of cybercrime and more than 55 million people were victims of identity theft. Cybercrime victims collectively spent nearly 2.7 billion hours trying to resolve their issues.

The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped SOC is often no match for a simple misconfiguration error.

Detection capabilities improve, but ransomware surges on
A FireEye report outlines critical details on trending attacker techniques and malware, the proliferation of multifaceted extortion and ransomware, preparing for expected UNC2452 / SUNBURST copycat threat actors, growing insider threats, plus pandemic and industry targeting trends.

The parallels of pandemic response and IoT security
A lot of the things we’re being asked to do in response to the pandemic have parallels to the advice we give to organizations for keeping their data and IT infrastructure safe.

Using Salesforce? Here are 5 security and compliance considerations
While many mission-critical cloud applications like Salesforce have security functionality built-in, they don’t consider the levels of customization and complexity that organizations introduce while implementing these solutions.

Scientists develop quantum machine learning methods for reasoning
Scientists at Cambridge Quantum Computing (CQC) have developed methods and demonstrated that quantum machines can learn to infer hidden information from very general probabilistic reasoning models.

How to address post-pandemic infrastructure pain points
The coronavirus pandemic accelerated trends that had slowly been changing businesses everywhere, transforming remote work from a perk to a necessity and sending even more of our data, applications, and day-to-day activities into the cloud.

5G IoT market size to reach $40.2 billion by 2026
The 5G IoT market size is projected to grow from $2.6 billion in 2021 to $40.2 billion by 2026, at a Compound Annual Growth Rate (CAGR) of 73.0% during the forecast period, according to MarketsandMarkets.

DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency
Netscout announced findings from its bi-annual Threat Intelligence Report, punctuated by a record-setting 10,089,687 DDoS attacks observed during 2020.

XDR and MDR: What’s the difference and why does it matter?
An XDR solution without adequate human expertise/staffing behind it will only ever be a tool. With a managed services model in play, you’re getting both the comprehensive technology capabilities and the people required to make it work — which is why MDR may be the only acronym that your organization needs.

Get your firm to say goodbye to password headaches
Passwords are problematic. They can be costly and burdensome for businesses to manage, can cause poor user experience, and they are easily compromised. It’s no wonder, then, that many enterprises are expected to shift to passwordless authentication for users as part of an overall digital transformation.

Advice for aspiring threat hunters, investigators, and researchers from the old town folk
Aspiring threat hunters, investigators and researchers clearly need a better idea about what their prospective employers are looking for in an ideal candidate.

The future of touchless visitor management lies with biometrics
With so many people making their way into an office building on any given day – whether as a prospective job candidate, a vendor with a delivery, or for a client meeting – it is vital that today’s visitor and employee management systems are prepared to keep the grounds safe from unwanted visitors, including COVID-19.

Machine learning-powered cybersecurity depends on good data and experience
If your data is bad, then your machine learning tools will be insufficient, making your security infrastructure vulnerable to attack and putting your organization at risk for a widespread security breach.

Cybersecurity guide for the hospitality industry
A practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores guests’ personal information and credit card data.

Infection Monkey: Open source tool allows zero trust assessment of AWS environments
Guardicore unveiled new zero trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. The capabilities are available immediately, and security professionals will now be able to conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization’s AWS security posture that can put data at risk.



