Here’s an overview of some of last week’s most interesting news, articles and interviews:
Researchers shed light on hidden root CAs
How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. universities and Qihoo 360, the company developing the 360 Secure Browser, collected 5 months' worth of certificate data from volunteer users and analyzed certificate chains and verification statuses in web visits.
Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)
Researchers uncovered a vulnerability in Intel processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on multiple Intel processor lines, which could allow an unauthorized user with physical access to obtain enhanced privileges on the system.
Emotet stages a comeback via Trickbot and spam
According to the researchers, whoever is trying to bring the Emotet botnet back online has started by using the Trickbot botnet to drop the malware, and then added the tried and tested method of sending spam with attachments and links to it.
GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts
GitHub has fixed a serious vulnerability that would have allowed attackers to publish new, malicious versions of any existing package on the npm registry.
How to achieve permanent server hardening through automation
Information security standards such as PCI DSS and ISO 27001 and regulations such as HIPAA and CMMC mandate system hardening as one of the most basic defenses against cyber intrusions. The reason for this should be obvious to anyone: What’s the point of implementing more advanced security measures and protections if you don’t first bolt all the unnecessary “doors” through which attackers can enter your systems and networks?
The future of digital infrastructure: Top 10 predictions
IDC’s top 10 predictions for the future of digital infrastructure point to a digital infrastructure strategy that addresses resiliency and trust; data-driven operational complexity; and business outcomes-driven sourcing and autonomous operations.
How do I select a policy automation solution for my business?
To select a suitable policy automation solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
Top risks auditors should cover in their 2022 audit plans
Ransomware and the long-term effects of COVID-19 on markets and organizations are key items to cover in 2022 audit plans, according to a Gartner report. The report also identified evolving societal expectations for enterprises, such as environmental, social and governance (ESG) risks, and operational resilience as top risk areas for 2022.
Cloud compliance: Falling out of it could spell doom
In this Help Net Security interview, Bill Tolson, VP of Global Compliance and eDiscovery at Archive360, talks about the importance of cloud compliance and what companies can do to meet the requirements when shifting to the cloud.
Healthcare organizations at risk: The attack surface is expanding
Armis released data showing the increased security risk faced by healthcare organizations and patients as an increase in connected devices creates an expanded attack surface, putting the patient journey at risk.
The latest trends in online cybersecurity learning and training
In this interview with Help Net Security, Mike Hendrickson, VP of Technology & Developer Solutions at educational technology company Skillsoft, talks about the trends in online cybersecurity learning and training that have emerged in the last few years.
Digital life after death: Do you have a password-sharing plan in place?
COVID-19 triggered many American Millennials to finally begin estate planning, according to new research, which found 72% of those respondents with wills created or updated them in the past year. Moreover, 34% of Millennials broached the subject of a digital handover with their parents in the past year.
How to improve your SaaS security posture and reduce risk
In this Help Net Security interview, Maor Bin, CEO at Adaptive Shield, talks about the SaaS security space and how Adaptive Shield helps security teams gain control over their SaaS security landscape.
10,000+ websites and apps are vulnerable to Magecart
Some of the world’s largest companies across retail, banking, healthcare, energy and many other sectors, including Fortune 500, Global 500 and governments are failing to prevent Magecart attacks, Cyberpion research revealed.
How to handle third-party security risk management
In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. He also discusses the Panorays platform that automates, accelerates and scales customers’ third-party security evaluation and management process.
Cultural divide between IT and OT teams leaves 65% of organizations unable to secure both environments
Only 21% of organizations have achieved full maturity of their ICS/OT cybersecurity program, in which emerging threats drive priority actions and C-level executives and the board are regularly informed about the state of their OT security, a Ponemon Institute report reveals.
When it comes to securing systems against quantum computers, there is no one-size-fits-all solution
Quantum computers will rapidly solve complex mathematical problems. This includes the ability to break both RSA and ECC encryption in seconds. In response, NIST has been leading an effort to define new cryptographic algorithms that will withstand attacks from quantum computers.
Zoom patches vulnerabilities in its range of conferencing apps
Zoom has patched vulnerabilities in its range of local solutions for conferences, negotiations and recordings – Zoom Meeting Connector Controller, Zoom Virtual Room Connector, Zoom Recording Connector and others.
When cybersecurity becomes terrifying
Some cybersecurity horror stories are not your typical horror stories: there’s no danger from a chainsaw-wielding maniac hiding behind a server rack, the Candyman won’t appear if you say his name three times while staring at your 4K monitor, and it’s not like a vampire or werewolf can bite into a firewall.
Operational technology and zero trust
The recent push to adopt zero trust across industries is focused mainly on information technology (IT) and remote workforces, rather than the entire organization, including any operational technology (OT) in use. This leaves a significant portion of the organization unprotected and at risk.
We need a Cyber Awareness Century
For a generation of people that panic if they leave home without their phone or in the event of a social media outage, we are still very unequipped to handle the internet’s possibilities securely.
Combating cybercrime: Lessons from a CIO and Marine veteran
Combating cybercrime is exponentially more difficult than combating traditional criminal activities, as technologies and techniques make it very easy for cybercriminals to hide their true identities, locations, and allegiances. It’s a sobering situation, one that has resulted in extensive intellectual property theft, enormous financial losses, and the disruption of supply chains that deliver essential goods.
Illuminating the path: Compliance as the key to security-by-design
Like taxes or going to the dentist, compliance is one of those topics that people often don’t like to contemplate. There are many reasons for the distaste but this “anything-but-compliance” mindset can lead to problems.
The six most common threats against the device that knows you best
What is the most intimate relationship in your life—aside from your partner, your children or your parents? For many of us, it’s our mobile phone. It’s the last thing we see before sleep, and it’s usually the first thing in our hands each morning.
Bots are lurking in your zombie and shadow APIs
By far this year’s biggest trend that we’ve observed in the land of APIs is that every organization has shadow and zombie APIs and they’re a much bigger issue than most people want to believe. Maybe they’re taking the “If I’ve never seen it, then it doesn’t exist” approach to API security.
Lack of API visibility undermines basic principle of security
One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack surface and valuable resources.
Report: The ROI of Modern Pentesting 2021
Does your pentesting program bring enough value? Find out in this exclusive in-depth report comparing Pentest as a Service (PtaaS) vs. traditional consulting engagements and check out our ROI calculator to learn how PtaaS can double your pentesting impact.
New infosec products of the week: November 19, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from 1Password, Fortanix, Jetico, Palo Alto Networks, Saviynt, StorONE, Viavi Solutions and WatchGuard.