Week in review: Apache Log4j 0day exploited, Kali Linux 2021.4 released, Patch Tuesday forecast

week in review

Here’s an overview of some of last week’s most interesting news, articles and interviews:

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)
A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild.

Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more!
Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools.

December 2021 Patch Tuesday forecast: How do you stack up?
This is the year of supply chain attacks. Prior to January, most of us had rarely heard that term, but then Solarwinds, Kaseya, and others were in the news and we heard it throughout the year.

Vulnerabilities in Eltima SDK affect popular cloud desktop and USB sharing services
SentinelOne researchers have unearthed a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services like Amazon Workspaces, NoMachine and Accops to allow users to connect and share local devices over network.

Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515)
A vulnerability (CVE-2021-44515) in ManageEngine Desktop Central is being leveraged in attacks in the wild to gain access to server running the vulnerable software.

It’s time to patch your SonicWall SMA 100 series appliances again!
SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible.

QNAP NAS devices targeted by new bitcoin miner
Unsecured QNAP NAS devices are getting covertly saddled with a new bitcoin miner, QNAP has warned users.

Adapting higher education to address the cybersecurity skills shortage
In this Help Net Security interview, Dr. Jason R.C. Nurse, Associate Professor in Cyber Security in the School of Computing and the Institute of Cyber Security for Society (iCSS), at the University of Kent, talks about cybersecurity higher education and how it can help close the cybersecurity skills gap.

How proactive are companies when managing data?
33 percent of U.S. companies are not proactively putting in place systems to monitor, warehouse and protect their internal data, despite growing international regulations mandating it and heightened legal risks associated with data theft, a BigID and ServiceNow report reveals.

2022 and the threat landscape: The top 5 future cybersecurity challenges
Digital adoption has rapidly accelerated and as a result, the threat surface has also expanded. As we look ahead to 2022, there will be new and evolving cybersecurity challenges on the horizon for CISOs.

Cybercrime supply chain: Fueling the rise in ransomware
Trend Micro released a research detailing the murky cybercrime supply chain behind much of the recent surge in ransomware attacks. Demand has increased so much over the past two years that many cybercriminal markets now have their own “Access-as-a-Service” sections.

Making robotics security a top priority
There is one key area of development robotics companies cannot overlook in the race to quickly get their robots to market, and that’s security. Businesses that develop and produce robots must ensure security is a priority from the moment the design of a robot is conceived, and not an afterthought.

Fraudulent e-commerce transactions spiked between Thanksgiving and Cyber Monday
17.46% of all global e-commerce transactions between Thanksgiving and Cyber Monday were potentially fraudulent, a TransUnion report reveals. Those numbers were slightly higher in the U.S. where 19.66% were suspected fraudulent.

Secure transactions top retailers’ wish lists this holiday season
We are amid the busiest retail season of the year, with U.S. retail sales expected to grow 10.5% to a record $859 billion this holiday season compared to 2020. The number of transactions is increasing, but so is the number of hackers who are targeting shoppers’ cardholder data.

Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide
Researchers at Spectral discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times.

EU key management in 2022
It was reported that the private key used to sign EU Digital Covid certificates (aka “vaccine passports”) was leaked and circulated on messaging apps and online data breach marketplaces. The key was misused to generate certificates for Adolf Hitler, Mickey Mouse, and Sponge Bob that were, for a short time, recognized as valid by official government apps.

How to protect air-gapped networks from malicious frameworks
ESET researchers present their analysis of all malicious frameworks used to attack air-gapped networks known to date. An air-gapped network is one that is physically isolated from any other network in order to increase its security.

The threats of modern application architecture are closer than they appear
Modern applications and software have evolved as the transition to the cloud was accelerated by widespread digital transformation, as enterprises of all sizes made heavy investments in their technology stacks. This opened the floodgates for a new era of technology, with developers creating software for business use at a much higher level than previously.

2021 will be a record-breaking year for data breaches, what about 2022?
In a new Experian forecast, five predictions for 2022 underscore the ongoing impact of the pandemic on cybersecurity. Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem, but also set their sights on new targets such as online gambling.

From DDoS to bots and everything in between: Preparing for the new and improved attacker toolbox
A quick glance at global headlines shows a new breach, ransomware, DDoS, or bot attack on a near-daily basis. Orchestrating these attacks and selling hacking tools has become a lucrative business strategy for those on the dark side. Much of the increased success of attacks can be attributed to how threat actors and cybercriminals have industrialized their toolboxes to remain one step ahead of defenses and stay off radar.

Burned out workers are less likely to follow security guidelines
Workers in every industry are increasingly burned out, leading to apathy and a lower guard toward workplace security. To understand this burnout phenomenon, 1Password released a report based on a survey of 2,500 adults.

Extracting value from the interconnected network of risk management
From the CISO to the SOC operator, defenders struggle to maintain complete situational awareness. Holistic approaches to risk management require the implementation of a manageable number of policies and procedures but are tied to an often unmanageable and misunderstood ecosystem of tooling and controls.

Microsoft vulnerabilities have grave implications for organizations of all sizes
Microsoft software products are a connective tissue of many organizations, from online documents (creating, sharing, storing), to email and calendaring, to the operating systems that enable business operations on the front and back ends, both in the cloud and on premises.

Save 20% on official (ISC)² CCSP online self-paced training
The (ISC)² Certified Cloud Security Professional (CCSP) credential positions professionals at the highest level of mastery for cloud security. Achieving CCSP validates expert skills to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures.

CIS Benchmarks communities: Where configurations meet consensus
You can join the CIS Benchmark communities anytime! Simply register on CIS WorkBench. It’s free to join and contribute to the CIS Benchmarks development.

Webcast: Why your email encryption solution is doomed
Have you tried to set up top-notch email encryption and failed? Up-to-date email encryption solutions are in states of constant change with new use-cases constantly being created.

XMGoat: Open-source pentesting tool for Azure
XMGoat is an open-source tool that enables penetration testers, red teamers, security consultants, and cloud experts to learn how to abuse different misconfigurations within the Azure environment.

New infosec products of the week: December 10, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from Action1, Cloudflare, Code42, F5 Networks, NetQuest, Oxeye, SentinelOne and Tenable.




Share this