Week in review: Top security threats for power plants, defending against Windows RDP attacks

Here’s an overview of some of last week’s most interesting news and articles:

Why threat hunting is obsolete without context
Threat hunting is one of the more recent methodologies implemented by IT professionals to find dormant or active threats on their network to better understand and harness network visibility and threat actor entry points. Yet this capability can only be effectively leveraged when practiced in a broader security context.

90% of security leaders view bot management as a top priority
HUMAN published research into security leaders’ perceptions of and responses to sophisticated bot attacks. The research revealed concerns about the threats bots pose, including site slowdowns caused by overwhelming traffic, new account fraud, credential cracking/brute force attacks, account takeover, content manipulation, sensitive content scraping, and inventory exhaustion and cart abandonment.

Organizations using Microsoft 365 experience more breaches, with more severe impacts
The increased amount of remote work as a result of the pandemic has exacerbated the risk of an email data breach, and the risk is intensified for Microsoft users, with 67% of IT leaders reporting an increase in data breaches due to remote work, versus just 32% of IT leaders whose organizations aren’t using Microsoft 365.

Phishers using Zix to “legitimize” emails in the eyes of Office 365 users
A phishing campaign aimed at harvesting Office 365 account credentials is employing a variety of tricks to fool both email security systems and recipients: the phishing emails come from a compromised enterprise account, through the secure email system Zix, to make recipients believe that the offered link isn’t malicious.

May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others.

How do I select a managed cybersecurity solution for my business?
To select a suitable managed cybersecurity solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its shirt. But although some could argue that DevOps had the means, motive, and opportunity, the fact is that WAF isn’t dead at all, nor is it likely to be anytime soon.

Review: The Pentester Blueprint: Starting a Career as an Ethical Hacker
Brought to you by cybersecurity researcher Kim Crawley and pentester and author Phillip L. Wylie, The Pentester Blueprint gives insights into the most common hurdles encountered by aspiring penetration testers, as well as tips on how to overcome them.

Exploiting common URL redirection methods to create effective phishing attacks
URL forwarding is one method that is often abused by cybercriminals to create multi-layered phishing attacks. Why? The short answer is in three E’s: easy, evasive, and elusive (to the eye).

Scammers aren’t always who we expect them to be: How AI and biometrics can help
While you cannot know who’s planning to defraud you, you can put into place the systems and technologies that will protect your business and customers. Let’s explore a few scenarios and how AI and biometrics can help uncover and fight fraud.

Sophos XDR: Threat hunting through the entire security ecosystem
Sophos XDR gathers relevant sensory information from the organization’s entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.

Top security threats for power plants and how to proactively avoid them
Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from healthcare to national security. Eliminating a country’s ability to generate energy is a powerful weapon that demands effective defensive measures.

Defending against Windows RDP attacks
Some DDoS attacks are leveraging RDP servers to amplify their effect, and malware like Trickbot is employing scanners to identify vulnerable open RDP ports.

Maximizing a hybrid cloud approach with colocation
As a multi-tenant cloud environment, the public cloud offers companies with vast amounts of data a highly affordable option. However, it also presents a number of limitations including reliability challenges, a lack of control and transparency, and information security issues.

A picture is worth a thousand words, but to hackers, it’s worth much more
Enterprises and end-users are constantly reminded of the dangers associated with clicking on unknown links and documents. Images rarely top the list as would-be vulnerabilities, but it’s important to be cautious of these potentially risky files as well. Why? Hackers are able to use image steganography techniques to conduct malicious activity and ultimately compromise enterprise networks.

Security awareness training doesn’t solve human risk
Traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world cybersecurity practices, according to Elevate Security and Cyentia Institute.

3 areas of implicitly trusted infrastructure that can lead to supply chain compromises
To get a broader understanding of what organizations are up against, let’s look at three major supply chain compromises that occurred during the first quarter of 2021.

Navigating the waters of maritime cybersecurity
In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan (NMCP), accompanying recent maritime cybersecurity directives from the U.S. Coast Guard.

The best CISOs think like Batman, not Superman
The best CISOs aren’t superheroes — or at least, not superheroes cut from the same cloth as the Man of Steel. The reality is that problems quickly emerge if a security chief believes their job is to be a universally beloved hero, basking in the gratitude and admiration of those they protect.

Bitcoin Security Rectifier app aims to make Bitcoin more secure
A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: don’t. Or at least, be careful. Researchers are developing a mobile app to act as a safeguard for popular but vulnerable “wallet” applications used to manage cryptocurrency.

When the adversarial view of the attack surface is missing, DX becomes riskier
Cybersecurity is one area that is often overlooked in the race to transform, and the consequences of this omission can be ruinous, both financially and reputationally.

Webcast: Get a sneak peek inside the CISSP domains
Look into the Certified Information Systems Security Professional (CISSP) official training course and walk away with a grasp of the topics covered in the CISSP Common Body of Knowledge (CBK).

New competition allows cybersecurity leaders to test their knowledge and skills
What can security leaders do to make sure they’re prepared and hone their skills ahead of the next inevitable threat? Now, they can test themselves and their knowledge at a new website, The CISO Challenge. Launched by XDR provider Cynet, it aims to let information security leaders test their cybersecurity mettle.

Getting a grip on basic cyber hygiene
The CIS Controls are independent and trusted prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path to improve an organization’s cyber defense program.

Product Showcase: Acronis Cyber Protect
Acronis has been a pioneer in the field of cyber protection, which integrates best-of-breed data protection with cutting-edge cybersecurity and protection management in one easy-to-manage cyber protection solution: Acronis Cyber Protect.

New infosec products of the week: May 14, 2021
A rundown of the most important infosec products released last week.



