Week in review: QNAP NAS ransomware, threat modeling, the realities of working in cybersecurity

Here’s an overview of some of last week’s most interesting news, articles and interviews:

Attackers can teach you to defend your organization against phishing
Using the kill chain to assess how an attacker would approach your organization makes it easier to understand which steps, at a minimum, would need to be taken by an arbitrary attacker to succeed in a phishing attack against your company.

QNAP NAS devices under ransomware attack
QNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility.

61% of organizations impacted by ransomware in 2020
Enterprises faced unprecedented cybersecurity risk in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber preparedness and training, a Mimecast survey reveals.

Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data
The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.

48 recommendations for a global fight against ransomware
The Institute for Security and Technology’s Ransomware Task Force (RTF) has released a comprehensive strategic framework to help worldwide organizations fight against ransomware and will be delivering it to the U.S. President’s team.

What is threat modeling and why should you care?
While there is not one exact industry-wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems.

Push past zero trust barriers to securely connect the distributed workforce
As a protective model, zero trust does not put a wall around networks and applications, but around employees and their devices, so it can protect remote environments at scale.

Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657)
Apple has patched a critical macOS zero-day (CVE-2021-30657) that has been exploited by Shlayer malware for months and has finally introduced/enabled the App Tracking Transparency feature and policy in iOS, iPadOS and tvOS.

IT security teams challenges fueled by record-setting cyberattacks
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home (WFH) programs, increased bring-your-own-device (BYOD) policy adoptions, and rising internal and third-party risks stemming from the COVID-19 pandemic, CyberEdge Group reveals.

Penetration testing leaving organizations with too many blind spots
While organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn’t accurately measure their overall security posture or breach readiness — the top two stated goals among security and IT professionals.

Organizations can no longer afford to overlook encrypted traffic
Whether you’re a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic entering and leaving can be a costly mistake, as cybercriminals are increasingly using TLS (Transport Layer Security) in their attacks.

Shedding light on the threat posed by shadow admins
Shadow admins pose a threat to organizations because these accounts have privileged access to perform limited administrative functions on Active Directory objects.

Managing and maturing Kubernetes security in the enterprise
Even though Kubernetes adoption seems to be at an all-time high (48% according to the Container Journal, from 27% in 2018), security awareness for teams working on Kubernetes projects at their workplaces and running mission-critical workloads on Kubernetes is surprisingly low.

The realities of working in and pursuing a career in cybersecurity
(ISC)² released a study which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills.

Cybercriminals evolving their tactics to exploit collective human interest
Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, OpenText reveals.

The next big thing in cloud computing? Shh… It’s confidential
The business-driven explosion of demand for cloud-based services has made the need to provide highly secure cloud computing more urgent. Many businesses that work with sensitive data view the transition to the cloud with trepidation, which is not entirely without good reason.

MythBusters: What pentesting is (and what it is not)
Penetration testing is a security assessment, analysis and a progression of simulated attacks on an application or network to check its security posture.

SniperPhish: An all-in-one open-source phishing toolkit
SniperPhish is an all-in-one open-source phishing toolkit that pentesters and other security professionals can use for setting up and executing email and web-based spear phishing campaigns.

16% of mobile devices in developing markets now infected with malware
Mobile users already disadvantaged by an economic and digital divide have suffered the most from digital fraud throughout the COVID-19 pandemic. In emerging markets such as Brazil, Indonesia, South Africa and Thailand, 16 percent of mobile devices that processed a transaction were found to be infected with malware, according to Upstream.

APIs in the insurance industry: Accessing a growing world of data
The insurance industry continues to move forwards with more acceleration than in recent decades, and with billions of endpoints to interact with, there’s significant opportunity ahead.

Avoid these CSPM mistakes to increase your cloud security posture
Many organizations feel confident that their cloud security situation is under control, but when pressed, they admit that they lack a centralized way to understand exactly what they have.

Solve evolving enterprise issues with GRC technology
For this interview, we sat down with Blake Brannon, CTO at OneTrust, to discuss governance, risk management, and compliance (GRC).

Connected medical devices brought security loopholes mainstream
The increasing demand for self-health management, coupled with the digitalization of the modern healthcare ecosystem, translates into a connected medical devices market that is predicted to grow 20% every year, according to Infoholic Research.



