Week in review: Critical RCE in Palo Alto Networks firewalls, how to select a DRaaS solution


Here’s an overview of some of last week’s most interesting news, articles and interviews:

Critical RCE in Palo Alto Networks (PAN) firewalls revealed, patch ASAP! (CVE-2021-3064)
The existence of a critical RCE vulnerability (CVE-2021-3064) affecting certain versions of Palo Alto Networks (PAN) firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months.

Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, and CVE-2021-42292, a Microsoft Excel security feature bypass bug.

Vulnerabilities in Nucleus NET TCP/IP stack could lead to real-world damage
Researchers have unearthed 13 vulnerabilities affecting the Nucleus NET TCP/IP stack and have demonstrated how attackers could exploit them to cause serious real-world damage.

How do I select a DRaaS solution for my business?
To select a suitable DRaaS solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Security teams need to become more proactive and risk-driven
83% of companies would suffer business damage during the first 24 hours of an outage and thereafter, which comes as no surprise with recent surges in ransomware and other attacks wreaking havoc across IT infrastructures, a Dimensional Research survey reveals.

Unseen gatekeepers: Industrial software providers’ role securing global infrastructure
National infrastructure in almost every Western country has come under attack by threat actors in the last few years. These attacks have grabbed the attention of businesses, the public and politicians because the attackers have not held only the victim companies to ransom, but also wider society.

Younger generations care little about cybersecurity
SailPoint released a survey which aimed to identify gaps within organizations’ cybersecurity postures by analyzing workforce behaviors that blur work and personal lives, leading to security pitfalls.

Why integrating SIEM tools is crucial to managing threats
In many instances, the integration of a Security Information and Event Management (SIEM) tools with your existing cybersecurity software can help identify and mitigate malicious cyberattacks before they become catastrophic.

Mobile phishing exposure in the energy industry surged 161% in 2021
Mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021, a Lookout report reveals.

November 2021 Patch Tuesday forecast: More mandates in the United States
The global holiday season is upon us with Diwali happening now, Thanksgiving the end of the month, and then on to Christmas and New Years! But before we all start celebrating, we have November 2021 Patch Tuesday coming this week, which is an important one for many industries particularly retail.

80% of organizations experienced employees misusing and abusing access to business apps
Organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats and credential theft, a CyberArk research reveals.

Why are we still asking KBA questions to authenticate identity?
It is commonly understood that KBA represents an area of annoyance and friction not just for the users but also for businesses who must protect themselves – and their customers – from fraudulent schemes such as account takeover and identity theft.

Retail industry security incidents soaring, worsened by the supply chain crisis
Imperva’s 12-month analysis on cybersecurity risks in the retail industry suggests that the 2021 holiday shopping season will be further disrupted by cybercriminals looking to create chaos and take advantage of an unprecedented global supply chain crisis.

The cyber insurance dilemma: The risks of a safety net
Not only has the ask of the ransoms skyrocketed, but the average ransomware payment has also increased by 43% and reached $220,000 (from $154,108 in Q4 2020). A ransom of this size could easily push some small and medium-sized businesses to the brink of bankruptcy or lead to a halt of operations that they simply can not afford. Therefore, a lot of businesses are turning to cyber insurance for help.

Banking malware threats are increasing sharply
Banking malware threats are sharply increasing as cybercriminals target the rising popularity of mobile banking on smartphones, with plots aimed at stealing personal banking credentials and credit card information, a Nokia report reveals.

The role of visibility and analytics in zero trust architectures
Zero trust architecture (ZTA) is not a new concept, but with the White House Executive Order published earlier this year, many in the networking space have started to ask about how network visibility analytics fits into the equation. To answer that, we first need to look at what’s driving this shift.

EU Commission takes on challenge to improve the cybersecurity of wireless devices
The European Commission has taken action to improve the cybersecurity of wireless devices available on the European market. As mobile phones, smart watches, fitness trackers and wireless toys are more and more present in our everyday life, cyber threats pose a growing risk for every consumer.

Humanizing hackers: Entering the minds of those behind the attacks
Have you ever wondered what are hackers like, where they are based, and what are they thinking? They are human like everyone else – you wouldn’t be able to tell a hacker from a regular programmer. But they are often extremely smart software engineers who understand how the world of IT works, invariably a lot better than an average developer, so it’s no wonder that sometimes they end up being employed by government agencies.

API sprawl: A threat you might want to address later, but you can’t ignore it
F5 announced a report which analyzes the serious threat to business and the economy posed by the global proliferation of APIs.

Eliminate cyber friction with smarter technology
In modern organizations, it’s natural for there to be some friction between cybersecurity teams and employees. While the cybersecurity teams defends the organization’s attack surface with a defense-in-depth combination of tools, processes, and technology, it’s the employees who are really on the front lines.

Vulnerabilities associated with ransomware increased 4.5% in Q3 2021
Ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021, a report by Ivanti, Cyber Security Works and Cyware reveals.

The world’s worst kept secret and the truth behind passwordless technology
One of the biggest security risks of modern-day business is the mass use of passwords as the prime authentication method for different applications. When the technology was first developed, passwords were perceived by individuals and businesses alike as a sure way of securing access to systems and sensitive data.

Most CIOs and CISOs underestimate the risk of an OT breach
A research study by Skybox Security found that 83% of organizations suffered an operational technology (OT) cybersecurity breach in the prior 36 months. The research also uncovered that organizations underestimate the risk of a cyberattack, with 73% of CIOs and CISOs “highly confident” their organizations will not suffer an OT breach in the next year.

Leveraging social media background checks to balance friction and risk
With ecommerce revenues higher than ever and estimated to reach $4.89 million in 2021 (per eMarketer), cart abandonment continues to be a major pain point for the industry and adjacent sectors, including payment processors and digital wallets. A closer look at the landscape suggests that an average of 69.8% online shopping baskets are never checked out by shoppers, according to consolidated data.

Organizations believe they are ready for ransomware attacks
Over the past year there has been a dramatic rise in ransomware attacks, and while all organizations are a target, large enterprises are bearing the brunt – experiencing an average of 10,000 attacks over the past two years. This is according to a Mimecast research report based on a global survey of 742 cybersecurity professionals.

Test your CCSP knowledge with interactive flash cards
Wondering if you’re ready for the CCSP exam? Find out with the Official (ISC)² CCSP Flash Cards, an interactive self-study tool that tests knowledge across all six CCSP domains. Study anytime, anywhere and get immediate feedback to reinforce learning.

Dependency Combobulator: Open source toolkit to combat dependency confusion attacks
Apiiro released Dependency Combobulator, a modular and extensible open source toolkit to detect and prevent dependency confusion attacks.

New infosec products of the week: November 12, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from ColorTokens, Huntsman Security, iStorage, ThreatQuotient and Tufin.

More about

Don't miss