Week in review: VMware critical updates, prevalent enterprise cybersecurity risks, 3 years of GDPR

Here’s an overview of some of last week’s most interesting news and articles:

Belgium’s Interior Ministry uncovers 2-year-long compromise of its network
Belgium’s Federal Public Service Interior (i.e., the country’s Interior Ministry) has suffered a “complex, sophisticated and targeted cyberattack.”

New TSA security directive is a needed shock to the system
The Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector.

VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)
VMware has patched two vulnerabilities (CVE-2021-21985, CVE-2021-21986) affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement the offered security updates as soon as possible.

The evolution of the modern CISO
The role of CISO first emerged as organizations embraced digital revolutions and began relying on new data streams to help inform business decisions. As technology continued to advance and became more complex, so too did threat actors who saw new opportunities to disrupt businesses, by stealing or holding that data hostage for ransom.

Enterprise networks vulnerable to 20-year-old exploits
While exotic attacks and nation-states such as Russia and China grab headlines, the most prevalent enterprise cybersecurity risks in Q1 came from unpatched legacy systems, attacks from the US, and consumer applications, such as TikTok.

Happy birthday GDPR: IoT impact and practical tips for compliance
With the GDPR now in its third year, compliance with the EU data privacy regulation is still a significant issue for organizations to tackle, especially when it comes to the Internet of Things (IoT).

Enhancing cyber resilience in the oil and gas industry
The World Economic Forum (WEF) has brought together industry and cybersecurity experts from companies and organizations such as Siemens Corp, Saudi Aramco, Royal Dutch Shell, the Cyber Security Agency of Singapore, the U.S. CISA, industrial cybersecurity company Dragos and many others to compile a blueprint for enhancing cyber resilience across the oil and gas industry.

Apple fixes macOS zero-day exploited by malware (CVE-2021-30713)
A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 (Big Sur).

How do I select a data management solution for my business?
To select a suitable data management solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Adding complexity through simplification: Breaking down SASE
In an industry that’s not short of jargon and buzzwords, cybersecurity has a new acronym to reckon with: SASE, or secure access service edge.

Cybersecurity leaders lacking basic cyber hygiene
Constella Intelligence released the results of a survey that reveals how vigilant organizations’ leaders are when it comes to reducing their own cyber exposure, how social media is leveraged as an attack vector, and how leaders are responding to this challenge.

Kali Linux team releases Kaboxer, a tool for managing applications in containers
The team behind the popular pentesting Kali Linux distro has released Kaboxer, a tool to help penetration testers use older applications that don’t work on modern operating systems, apps that need to run in isolation, and applications that are hard to package properly.

A leadership guide for mitigating security risks with low code platforms
The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs).

Thoughts on Biden’s cybersecurity Executive Order
A few days after the devastating Colonial Pipeline ransomware attack, the Biden Administration released a new Executive Order on Improving the Nation’s Cybersecurity. The timing of this move does not seem accidental.

Why is patch management so difficult to master?
This question has plagued IT and security departments for years. Each month these teams struggle to keep up with the number of patches issued by the myriad of vendors in their technology stack. And it’s not a small problem. According to a Ponemon Institute report, more than 40% of IT and security workers indicated they suffered a data breach in the last two years due to unpatched vulnerabilities.

Why cybersecurity products always defy traditional user reviews
Drawing upon reviews taken online is a losing gamble when it comes to cybersecurity tools. Like with everything else, caveat emptor stands: draw up your requirements first, do your own research, perform your own testing and you’ll end up with something you actually need, rather than something a vendor wants you to have.

It’s time to shift from verifying data to authenticating identity
As fraudsters continue to develop increasingly sophisticated schemes that allow them to produce an apparently valid identity, either by stealing personal data or fabricating it themselves, organizations need to make a fundamental shift in their fraud-fighting strategies. Rather than performing authentication through a series of data point verifications, they should instead examine the linkages between all the identity markers holistically over time.

How to implement cybersecurity for modern application connectivity
If public and private organizations want to join in the fight for modern application security, they should review and assess the many tools needed to be successful in that fight.

Label standard and best practices for Kubernetes security
This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that can achieve your enterprise security and compliance requirements, then define your label standard in alignment with your design.
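To make the "design first, then labels" advice concrete, here is an added example (not code from the article or any project) of a hierarchical label standard enforced in code: a validator that rejects workloads missing the standard keys or using values outside the design, and a generator that derives a NetworkPolicy purely from those labels. The label keys (`security.example.com/...`), allowed values and zone hierarchy are hypothetical placeholders for whatever an organization's own security design requires, and the sample manifests are constructed.

```python
"""Enforce a hierarchical Kubernetes label standard and derive policy from it.

Added example, not code from the article or any project. Label keys, allowed
values and the zone hierarchy are hypothetical; derive real ones from your
own security design.
"""

# Hypothetical standard. Keys are namespaced so app teams cannot collide with
# them; each maps to its allowed values (None = any non-empty string).
REQUIRED_LABELS = {
    "security.example.com/environment": {"prod", "staging", "dev"},
    "security.example.com/zone": {"dmz", "app", "data"},
    "security.example.com/owner": None,
}

# Hypothetical hierarchy: which zones may initiate traffic into which zone.
INGRESS_ALLOWED_FROM = {
    "dmz": set(),        # nothing in-cluster; edge ingress is out of scope here
    "app": {"dmz"},
    "data": {"app"},
}


def validate_labels(labels: dict) -> list:
    """Return violations of the standard; an empty list means compliant."""
    problems = []
    for key, allowed in REQUIRED_LABELS.items():
        value = labels.get(key)
        if not value:
            problems.append(f"missing label {key}")
        elif allowed is not None and value not in allowed:
            problems.append(f"{key}={value!r} not in {sorted(allowed)}")
    return problems


def network_policy_for(name: str, namespace: str, labels: dict) -> dict:
    """Build a NetworkPolicy whose selectors use only the standard labels.

    A mislabelled workload is rejected here rather than silently landing in a
    wider zone than the design allows.
    """
    problems = validate_labels(labels)
    if problems:
        raise ValueError("; ".join(problems))
    zone = labels["security.example.com/zone"]
    env = labels["security.example.com/environment"]
    peers = [
        {"podSelector": {"matchLabels": {
            "security.example.com/zone": src,
            "security.example.com/environment": env,  # never cross environments
        }}}
        for src in sorted(INGRESS_ALLOWED_FROM[zone])
    ]
    # Caveat: an ingress rule with an empty "from" list matches ALL sources in
    # Kubernetes, so a zone with no permitted peers must get an empty "ingress"
    # list (deny all) instead of a rule with no peers.
    return {
        "apiVersion": "networking.k8s.io/v1",
        "kind": "NetworkPolicy",
        "metadata": {"name": name, "namespace": namespace},
        "spec": {
            "podSelector": {"matchLabels": {
                "security.example.com/zone": zone,
                "security.example.com/environment": env,
            }},
            "policyTypes": ["Ingress"],
            "ingress": [{"from": peers}] if peers else [],
        },
    }


def audit(manifests: list) -> dict:
    """Map each non-compliant workload name to its list of violations."""
    report = {}
    for m in manifests:
        problems = validate_labels(m["metadata"].get("labels", {}))
        if problems:
            report[m["metadata"]["name"]] = problems
    return report


# Constructed sample manifests (not taken from any real cluster).
SAMPLE_MANIFESTS = [
    {"kind": "Deployment", "metadata": {"name": "api", "labels": {
        "app": "api",
        "security.example.com/environment": "prod",
        "security.example.com/zone": "app",
        "security.example.com/owner": "payments-team"}}},
    {"kind": "Deployment", "metadata": {"name": "legacy-batch", "labels": {
        "app": "batch",
        "security.example.com/environment": "prod",
        "security.example.com/zone": "backend",   # value not in the standard
        "security.example.com/owner": "ops"}}},
    {"kind": "StatefulSet", "metadata": {"name": "db", "labels": {
        "app": "postgres",
        "security.example.com/zone": "data"}}},    # environment and owner missing
]

if __name__ == "__main__":
    import json
    print(json.dumps(audit(SAMPLE_MANIFESTS), indent=2))
    api_labels = SAMPLE_MANIFESTS[0]["metadata"]["labels"]
    print(json.dumps(network_policy_for("api-ingress", "payments", api_labels), indent=2))
```

Run the same `validate_labels` check in CI or in an admission webhook so the label standard is enforced at deploy time, and generate policies from the labels rather than hand-writing selectors, so the design and the enforced policy cannot drift apart.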

Ransomware attribution: Missing the true perpetrator?
Headlines following recent ransomware attacks paint a landscape that acknowledges the true impact of such threats. Historical focus solely on attribution has made way for consideration of the human and financial toll that ransomware can have, not only to an organization but also to wider society.

How businesses can protect their brands and bottom lines against damage from illegal robocalls
Although the U.S. was the first to implement STIR/SHAKEN, other countries are increasingly requiring it, such as Canada, or considering it, such as the U.K. This global trend highlights how STIR/SHAKEN concepts such as digital signatures will be increasingly important worldwide for mitigating illegal robocalls, including those involving cross-border voice traffic.

Returning to the office? Time to reassess privileged access permissions
Organizations need to revisit their privileged access permissions and double down on their security strategy to protect their data and people from being exposed in the next big data breach.

Security must become frictionless for companies to fully secure themselves
Ensuring adequate security in the face of a rapid increase in the quantity and sophistication of cyberattacks requires more effort and resources than most organizations are typically capable of providing for themselves.

Four proactive steps to make identity governance a business priority
Securing digital identities is crucial to business success today, but far too often, it’s an afterthought. As such, identity governance shouldn’t be celebrated as a singular component of security, but rather a capability that should be woven into the data governance fabric of every organization. With the ability to safeguard information, facilitate compliance, and streamline work processes, it’s hard to believe identity governance is not a typical business priority.

How data manipulation could be used to trick fraud detection algorithms on e-commerce sites
As the marketing of almost every advanced cybersecurity product will tell you, artificial intelligence is already being used in many products and services that secure computing infrastructure. But you probably haven’t heard much about the need to secure the machine learning applications that are becoming increasingly widespread in the services you use day-to-day.

Can zero trust kill our need to talk about locations?
When adopting a location-agnostic architecture like zero trust, you need to augment it with other edge protections like web application firewalls and multi-factor authentication.

Open-source tool Yor automatically tags IaC resources for traceability and auditability
Yor is an open-source tool from Palo Alto Networks that automatically tags cloud resources within infrastructure as code (IaC) frameworks such as Terraform, CloudFormation, Kubernetes, and Serverless Framework.

New infosec products of the week: May 28, 2021
A rundown of the most important infosec products released last week.
