Week in review: Clever Office 365 phishing, 2021 CWE Top 25, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and podcasts:

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found.

A clever phishing campaign is targeting Office 365 users
Microsoft is warning about an ongoing, “sneakier than usual” phishing campaign aimed at Office 365 users.

August 2021 Patch Tuesday forecast: Dealing with emergency patching
The PrintNightmare print spooler vulnerability, CVE-2021-34527, caused a lot of excitement last month. If you’re still in an active patch cycle, ensure you install the latest cumulative (or monthly rollup) to address this vulnerability.

Vulnerable TCP/IP stack is used by almost 200 device vendors
Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens S7 PLCs.

A look at the 2021 CWE Top 25 most dangerous software weaknesses
The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two calendar years.

Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system
Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more than 3,000 hospitals worldwide (including 80% of hospitals in North America).

SAP applications more vulnerable than users might think
Many application owners are unaware of how vulnerable their SAP applications may be, significantly increasing the risks to their core enterprise systems. This is the overall conclusion of a Turnkey Consulting and Onapsis report.

A digital shift requires a new approach to asset management: How to reduce security risks
The global pandemic forced organizations to rapidly accelerate their digital transformation. As a result, nearly overnight, companies spanning all sizes and sectors deployed technologies like cloud and containers to support the shift to IoT and address the remote workforce.

What is DataSecOps and why it matters
In this Help Net Security podcast, Ben Herzberg, Chief Scientist at Satori, explains what DataSecOps is, and illustrates its significance.

AWS S3 can be a security risk for your business
As the use of AWS’ Amazon Simple Storage Service (S3) increased, so have the content types that are stored and shared on it. AWS S3 buckets are now exposed via additional channels and APIs, which create new security blind spots that hackers are waiting to exploit.

CISA launches US federal vulnerability disclosure platform
Bug hunters who want to help the US federal government secure its online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) platform offered by the Cybersecurity and Infrastructure Security Agency (CISA).

Ransom demands reaching $1.2M, smaller companies increasingly targeted
Ransom demands have grown substantially over the past year, smaller companies are increasingly targeted, and cyber criminals continue to take advantage of dislocations in how we work, according to a Coalition report.

Ransomware attacks skyrocketed in H1 2021
In the first half (H1) of 2021, ransomware attacks skyrocketed, eclipsing the entire volume for 2020 in only six months, according to the mid-year update to the SonicWall report. In a new paradigm for cybercrime, SonicWall is analyzing how threat actors are using any means possible to further their malicious intents.

Cybercriminals are manipulating reality to reshape the modern threat landscape
VMware released a report which analyzes how cybercriminals are manipulating reality to reshape the modern threat landscape. The report found a drastic rise in destructive attacks, where adversaries deploy advanced techniques to deliver more targeted, sophisticated attacks that distort digital reality, be it via business communications compromise (BCC) or the manipulation of time.

How real-time computing can sound the kill chain alarm
With the increasing number of large-scale attacks, organizations across all industries, and especially those that meet critical needs, must become better prepared.

92% of pharmaceutical companies have at least one exposed database
Reposify released its Pharmaceutical Industry Attack Surface Exposures Report examining the security posture of the world’s leading pharmaceutical companies.

Demystifying cybersecurity with a more human-centric approach
Regardless of the size of the business, the reality is that cybersecurity is not just the domain of security professionals or its executives. Every single employee within a company has a hand in the protection of the business, as they handle company data, manipulate it, and communicate it as part of their jobs.

Review: Group-IB Digital Risk Protection
In this review, we will analyze Group-IB Digital Risk Protection, an AI-driven product that helps detect the exposure of your digital assets and protect them from misuse.

Gamification can redefine the cybersecurity demo experience
Lead generation is the easy part of the sales cycle. Marketing activities, sales enablement tools, events, and so on should create the perfect environment that allows sales teams to fill their sales funnel (if they are doing their job effectively). But while it may be possible to generate 200+ qualified enterprise leads in any given quarter, it is frequently the “last mile” in selling that can feel like an uphill journey.

How to build a zero-trust cloud data architecture
Cloud computing has had a profound impact on CISOs. They realize its cheap storage, immense scalability, resource elasticity and accessibility from anywhere in the world, at any time, have created a competitive advantage for the companies whose data they’re in charge of protecting. But these same factors, especially its accessibility, make their jobs infinitely more difficult.

With Crime-as-a-Service, anyone can be an attacker
For hackers, phishing is one of the easiest ways to steal your organization’s data. Traditionally, executing a successful phishing campaign required a seasoned cybercriminal with technical expertise and knowledge of social engineering. However, with the emergence of CaaS, just about anyone can become a master of phishing for a small fee.

Organizations still rely on weak security for remote workers
A new survey of enterprise IT security leaders showed almost 80 percent believe remote workers are at more risk for phishing attacks now because they’re isolated from their organizations’ security teams.

Supply chain attacks expected to multiply by 4 in 2021
Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers. Malware is the attack technique that attackers resort to in 62% of attacks.

The destructive power of supply chain attacks and how to secure your code
In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques and how to build more secure apps.

The importance of compute lifecycle assurance in a zero-trust world
With the proliferation of attack surfaces in IoT, the increase in firmware-based attacks on hardware, and growing threats to systems throughout their lifecycle, companies are beginning to embrace the new model of zero trust for systems.

RIP guest access, long live shared channels!
While many yearn to return to pre-pandemic days, some aspects of our new normal are welcome. Most notable is the flexibility of hybrid working, with a great majority of employers reporting they will embrace greater flexibility post-pandemic, by deploying a hybrid onsite / remote work model.

Collaboration is key for cloud innovation
Developers and security professionals work in very different ways. While the former are likely to move and innovate fast – with quick coding and rapid application building a top priority – security teams will often take a more considered approach to ensure costly breaches are avoided and attack surfaces are reduced.

Blocked DDoS attack volumes up, tech, healthcare and finance most targeted
Second quarter blocked DDoS attack volumes were up more than 40% compared to the same period in 2020, a Radware report reveals. The report provides an overview of DDoS attack trends by industry, as well as across applications and attack types.

Can the public cloud become confidential?
It’s been often said that the only two certain things in life are death and taxes. Over the past ten years, it seems data breaches can be added to this list. Can an organization really be completely safe – without fear of losing confidential or regulated data, company secrets, and (increasingly) proprietary algorithms and AI code?

Are you ready for the CISSP exam?
Find out with the Official (ISC)² CISSP Flash Cards. Study for the CISSP exam anytime, anywhere using this FREE interactive self-study tool that tests knowledge across all eight CISSP domains and gives you immediate feedback to reinforce learning.

New infosec products of the week: August 6, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from McAfee, AppOmni, Satori, SentinelOne, and Optiv Security.
