Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?

Here’s an overview of some of last week’s most interesting news, articles and interviews:

21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the Exim Server.

May 2021 Patch Tuesday forecast: Spring cleaning is in order
There’s an event referred to as spring cleaning, where we take some time from our regular routines to focus on bringing order back to our homes. We remove the junk that has accumulated, and clean and organize the remaining items so they look good again. This is an event we should implement in our IT routines, because it is critical to maintaining order.

The obvious and not-so-obvious data you wouldn’t want companies to have
Today, we are far beyond the point of making it a burden on the user to protect their privacy. If companies don’t act, only the most tech-savvy consumers will be well equipped to protect their privacy, excluding the others that don’t have the capability or awareness to act.

Counterfit: Open-source tool for testing the security of AI systems
Counterfit started as a collection of attack scripts written to target individual AI models, but Microsoft turned it into an automation tool to attack multiple AI systems at scale.

Apple fixes four zero-days under attack
A week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch OS that plug four additional zero-days that “may have been actively exploited”.

MITRE ATT&CK v9 is out and includes ATT&CK for Containers
The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques, which now also includes a newly created ATT&CK matrix for containers.

Secure your cloud: Remove the human vulnerabilities
Training to increase employees’ security awareness and change risky behaviours among end users is important, particularly as the future workplace will be hybrid and many professionals will still be working remotely. After all, you don’t want your employees to be the “soft underbelly” that hackers, criminals, or other bad actors can easily target.

Healthcare organizations implementing zero trust to tackle cyberattacks
To better defend their networks, systems, and devices from an ongoing barrage of attack techniques, healthcare organizations are increasingly turning to zero trust architecture, which does away with the traditional security perimeter, assuming that every user and every device on the network could potentially be malicious.

What contractors should start to consider with the DoD’s CMMC compliance standards
The DoD’s Cybersecurity Maturity Model Certification (CMMC), first unveiled in November 2020, standardizes cybersecurity best practices for the hundreds of thousands of vendors and contractors working with the DoD.

58% of orgs predict remote workers will expose them to data breach risk
35% of UK IT decision makers admitted that their remote workers have already knowingly put corporate data at risk of a breach in the last year according to an annual survey conducted by Apricorn.

How do I select a DLP solution for my business?
To select a suitable DLP solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Users increasingly putting password security best practices into play
While there is awareness of password security best practices, there is still work to be done to put that awareness to full use, a Bitwarden survey reveals.

Crystal Eye XDR: Protect, detect and respond to threats from a single unified platform
In this interview with Help Net Security, Adam Bennett, CEO at Red Piranha, discusses Extended Detection and Response and their flagship product – Crystal Eye XDR.

Cybersecurity control failures listed as top emerging risk
Cybersecurity control failures was listed as the top emerging risk in 1Q21 in a global poll of 165 senior executives across function and geography, according to Gartner.

How modern workflows can benefit from pentesting
Pentesting can fortify organizations’ general security posture and is a critical measure organizations should put in place proactively to prevent security breaches.

Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: risk-based cybersecurity produces proven results.

Kubestriker: A security auditing tool for Kubernetes clusters
Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.

DDoS attackers stick to their target even if they are unsuccessful
Link11 has released its DDoS report for Q1 2021 which revealed the number of DDoS attacks continued to grow.

Email security is a human issue
Research suggests that email is the most common point of entry for malware, providing access in 94% of cases, so it’s unsurprising that phishing is the root cause of 32% of security breaches.

Use longitudinal learning to reduce risky user behavior
HR and security leaders can create a cyber-secure culture by prioritizing the most crucial defense against cyberthreats — humans. Businesses must focus on positively changing user behavior to improve their security posture. In order to do this, enterprises need to use contextualized, longitudinal learning to consistently educate users over time.

Are NFTs safe? 3 things you should know before you buy
NFTs, or non-fungible tokens, have captured the attention (and wallets) of consumers and businesses around the world. This is largely in part to the big price-tag sales, such as the digital artwork by Beeple that sold for over $69M on Christie’s Auction House.

Be a “dumbass”, like some of the world’s best cyber investigators
One of my closest friends in the cybersecurity industry has had a second-to-none career path. While in the employ of an industry leader in incident response, he was consistently their busiest forensic investigator, spearheading some of their most notorious cases.

Defeating typosquatters: Staying ahead of phishing and digital fraud
Email phishing scams typically rely on diverting unsuspecting people to sites that look legitimate. This requires criminals to set up a domain that impersonates a site that is of interest to the victim. These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL (hence the name: typosquatting).

Acting on a security risk assessment of your organization’s use of Salesforce
Salesforce is responsible for the security of its platform, and the organization has done a tremendous job of repelling a constant barrage of external threats. However, this success doesn’t mean your own company is off the hook. Salesforce isn’t responsible for your failure to appropriately classify and secure your data within the platform.

Is it OK to publish PoC exploits for vulnerabilities and patches?
While publishing PoC exploits for patched vulnerabilities is common practice, this one came with an increased risk of threat actors using them to attack the thousands of servers not yet protected.

61% of cybersecurity teams are understaffed
The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from a survey report from ISACA and HCL Technologies, the cybersecurity workforce has largely been unscathed, though all-too familiar challenges in hiring and retention continue at levels similar to years past.

Dispelling four myths about automating PKI certificate lifecycle management
There are four primary myths about cloud-based PKI solutions and digital certificate lifecycle automation that have kept organizations from adopting such solutions.

New community to gives cybersecurity leaders outside the Fortune 2000 a forum to collaborate
The new InfoSec Leaders Community will feature several channels and will offer security leaders and decision-makers a fresh opportunity to both get advice and new knowledge and share it with others.

New infosec products of the week: May 7, 2021
A rundown of the most important infosec products released last week.




Share this