Week in review: Dealing with ransomware attacks, detecting use of stolen API credentials inside AWS

Here’s an overview of some of last week’s most interesting news, articles and podcasts:

Vulnerability in popular browsers could be used to track, profile users online
A vulnerability affecting desktop versions of four popular web browsers could be exploited by advertisers, malicious actors, and other third parties to track and profile users online even if they switch browsers, use incognito mode or a VPN, researcher and developer Konstantin Darutkin claims.

How to deal with ransomware attacks
Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics.

Collaboration between network access brokers and ransomware actors deepens
In this Help Net Security podcast, Brandon Hoffman, CISO at Intel 471, discusses the increased collaboration between network access brokers (NAB) and ransomware operators, and how they function in today’s threat landscape.

Hackers are leveling up and catching healthcare off-guard
Remember when ransomware operators promised last year not to attack hospitals under siege from COVID-19? Unfortunately, that didn’t happen: hospitality, entertainment, and retail locations were all shut down as COVID-19 spread, leaving ne’er-do-wells to look at industries that were still open for business.

RaaS gangs go “private” after stirring a hornet’s nest
After a decade or so of ransomware attacks against sometimes very prominent targets, the recent Colonial Pipeline ransomware attack by the Darkside gang has been the proverbial straw that broke the camel’s back, as the attack was followed by a temporary shutdown of the pipeline, which then led to widespread fuel shortages in the Southeast United States and the government issuing a state of emergency for 18 states.

Detecting attackers obfuscating their IP address inside AWS
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials inside AWS.

How to glean user insight while respecting personal privacy
While each person has a unique personality and identity, the digital world has no patience for individuality. The web tries with its every fiber to store, analyze, and classify everything into neat boxes—us included.

661 fines issued since GDPR became enforceable, totaling €292 million
In the 3 years since GDPR rolled out in May 2018, European data protection authorities have issued 661 GDPR fines. Every one of the 28 EU nations, plus the United Kingdom, has issued at least one GDPR fine.

85% of breaches involve the human element
The Verizon report examines more breaches than ever before, and sheds light on how the most common forms of cyber attacks affected the international security landscape during the global pandemic. This year’s report saw 5,258 breaches from 83 contributors across the globe, a third more breaches analyzed than last year.

Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry?
Attackers in the medical device arena don’t yet need to increase their sophistication because the vast majority of fielded medical devices have extremely easy-to-exploit vulnerabilities.

How do I select an eSignature solution for my business?
To select a suitable eSignature solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Privacy regulations making cloud migration complex
Digital transformation is driving multi-cloud migrations, as 85 percent of organizations use at least two cloud providers for data storage and analytics, while 40 percent use five or more. GDPR, CCPA, and other privacy regulations are making cloud migration and analytics difficult, as 7 out of 10 said the effort has become more complex, a Privacera and Lead to Market survey reveals.

The zero trust security market continues to grow
The global zero trust security market is projected to surpass $66,741.3 million, increasing from $18,500.0 million in 2019, at a CAGR of 17.6% from 2020 to 2027, according to Research Dive.

Double-extortion ransomware attacks on the rise
A Zscaler report outlines a growing risk from double-extortion attacks, which are being increasingly used by cybercriminals to disrupt businesses and hold data hostage for ransom.

Cyber investigations, threat hunting and research: More art than science
While it’s true that threat hunting, incident response, and threat research all have their foundations in science, it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist.

Most organizations fail to fix cloud misconfiguration issues in a timely manner
A significant majority of companies that move to multi-cloud environments are not properly configuring their cloud-based services, Aqua Security reveals. According to the report findings, these misconfigurations, for example leaving bucket or blob storage open, can open companies up to critical security breaches.

Security doesn’t always require immediacy
While the need to protect the business against heightened risks has traditionally been an urgent matter, the sheer number of new threats means more time is being spent on immediately patching any issues, and day-to-day security tasks are often pushed aside.

Enterprise leaders now see cybersecurity as a business advantage
Enterprise leaders who previously viewed cybersecurity as part of traditional infrastructure have shifted to rapidly invest in integrated, cloud-based approaches, with ripple effects on innovation, distributed workforce security and competitive advantages, Forcepoint and WSJ Intelligence revealed.

Why passwordless is not always passwordless
While emerging authentication tools help reduce user friction, the perception that passwords will no longer be required is a little premature.

Dealing with ransomware attacks: What options do you have?
It might seem logical to try to negotiate the ransom demand down to an amount that isn’t going to break the bank but would still be enough to satiate cybercriminals’ thirst for cash. Unfortunately, this isn’t a good idea, because negotiations can backfire and even cause ransomware gangs to increase their ransom demands.

Fake Amazon order emails lead to vishing
Fraudsters are sending out fake Amazon order emails and tricking online shoppers into calling a telephone number manned by them to steal the shoppers’ credit card details and other sensitive information.

The basics of security code review
Performing source code reviews to identify and remediate security risks before an application is moved into production is undoubtedly one of the best ways to ensure software quality – though this is much easier said than done.

Hiring remote software developers: How to spot the cheaters
With an overwhelming majority of software engineers expressing a preference for remote work, it’s no wonder that more employers are making commitments to expand their remote workforces.

Endpoint security: How to shore up practices for a safer remote enterprise
It’s a long-held belief that enterprise IT teams are overworked. It’s also considered common knowledge that their jobs have only gotten harder in the days since workforces went remote. Unfortunately, steep consequences for network security have surfaced because of the sudden shift to the work-from-home world.

Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations
A cyber breach at an industrial facility may enable a bad actor to move actuators that can trip a switch at a power plant to deny electricity to an entire city, manipulate valves to move highly combustible molecules in the wrong direction and cause an explosion in a petrochemical plant, or redirect wastewater to a clean water reservoir at a treatment plant.

Three smart ways SMBs can improve cybersecurity
Most SMBs remain squarely on the frontlines of today’s cyberbattles. After all, why would cybercriminals waste their time trying to infiltrate a heavily fortified enterprise when SMBs are such an easy target?

University of Minnesota researchers fail to understand consent
You’d think with all the recent discussion about consent, researchers would more carefully observe ethical boundaries. Yet, a group of researchers from the University of Minnesota not only crossed the line but ran across it, screaming defiantly the whole way.

18 is the new 20: CIS Controls v8 is here!
The Center for Internet Security (CIS) officially launched CIS Controls v8, which was enhanced to keep up with evolving technology (modern systems and software), evolving threats, and even the evolving workplace.

New infosec products of the week: May 21, 2021
A rundown of the most important infosec products released last week.
