Week in review: Log4Shell updates, Kronos ransomware attack, unused identities threat

Here’s an overview of some of last week’s most interesting news, articles and interviews:

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Due to the extraordinarily widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished.

The Log4j JNDI attack and how to prevent it
The disclosure of the critical Log4Shell (CVE-2021-44228) vulnerability and the release of first one and then additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all for those who are tasked with keeping enterprise systems and networks secure.

Ransomware hits HR solutions provider Kronos, locking customers out of vital services
The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group (UKG), one of the biggest HR and workforce management solutions providers in the US.

Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to deliver the Emotet/Trickbot/Bazaloader malware family.

The impact of the Log4j vulnerability on OT networks
Operational Technology (OT) networks are at risk from the recently-announced Apache Log4j (CVE-2021-44228) vulnerability. On the surface, it is not clear why this should be.

Hacker-powered pentests gaining momentum
Hackers have reported over 66,000 valid vulnerabilities this year – over 20% more than 2020 – with hacker-powered pentests seeing a 264% increase in reported vulnerabilities, HackerOne has announced.

Modern cars: A growing bundle of security vulnerabilities
In this interview with Help Net Security, Laura Hoffner, Chief of Staff at Concentric, talks about modern car vulnerabilities, the techniques hackers are using to compromise connected vehicles and how to protect users.

How C-suite executives perceive their organizations’ readiness for ransomware attacks
A new (ISC)² study provides insights for cybersecurity professionals into the minds of C-suite executives and how they perceive their organisations’ readiness for ransomware attacks. This data underscores the need for clearer and more frequent communications between cybersecurity teams and executives and offers best practices security leaders should implement to improve those interactions.

Enterprise email encryption without friction? Yes, it’s possible
Secure communication enables more efficient communication and the secure exchange of digital documents. It can also be a fantastic customer service tool and – crucially – it allows organizations to comply with a perpetually changing landscape of industry- and region-specific data protection regulations.

Employees think they’re safe from cyberthreats on company devices
Research launched by Menlo Security reveals increased cybersecurity risks posed to employees and organizations during the 2021 holiday shopping season.

Leveraging AIOps for a holistic view of network performance and security
In this interview with Help Net Security, Terry Traina, CTO at Masergy, talks about the benefits of leveraging AIOps and how it can help thwart growing security threats.

Password offenders: Who’s the naughtiest of them all?
In 2021, we’re celebrating the 60th anniversary of the computer password’s invention, but it also marks the year of some of the worst password mishaps this century. To honor the milestone, Dashlane announced its 2021 Worst Password Offenders list.

Unused identities: A growing security threat
According to our internal research, 6% of user accounts within an organization are inactive. But just because they are not being used does not mean that they cannot be compromised.

Hybrid work is dead, long live “work”
As we head into 2022, work will no longer be distinguished by where an employee (or student) is working or learning from. Work from wherever, on whatever device, will simply be “work.” This paradigm shift on the future of work has ripple effects for employees, students, and IT departments across every industry around the globe.

Passwordless verification API transforms every mobile phone into a security token for zero trust access
SIM authentication must not be confused with one-time passcodes sent over SMS. Although SMS OTP became the de facto standard for two-factor authentication, particularly in consumer apps, SMS 2FA is flawed.

Europe’s quantum communication plans: Defending against state-sponsored cyber attacks
State-sponsored cyberattacks are on the rise and are a significant part of the future of warfare. Why would a nation send humans to a frontline when it can take out the critical infrastructure of an adversary nation from behind a computer (or millions of computers working in a coordinated attack)?

How to implement security into software design from the get-go
Software professionals know that the working relationship between developers and security teams can be complicated. Most security professionals feel it’s part of a programmer’s role to write code securely, but most developers get next to no support to do it.

Digital IDs don’t have to impinge on civil liberties and privacy
The shift towards an increasingly digital world has become overwhelmingly apparent. The coronavirus era has forced a technological leap on all fronts, and incumbent technologies are struggling to hold back a deluge of fraud and cybercrime. Between the need for secure access to digital services and the demand for increased security, the case for a trusted and verifiable ID system has never been stronger.

Want to assemble a cyber Dream Team? Look back at the ‘92 Olympics
The best way for enterprises to defend themselves from the escalating prevalence of cyberattacks is by channeling the USA Dream Team with a group of individuals with positive attitudes and diverse skill sets who collaborate, complement, and empower one another.

CasaOS: Open-source home cloud based on the Docker ecosystem
For parents and families, the thought of someone gaining access to sensitive information can be nothing short of a nightmare. However, one group of developers is on a mission to empower families to take their privacy into their own hands. IceWhale Technology unveiled CasaOS, an open-source home cloud OS based on the Docker ecosystem.

Ultimate guide to the CCSP: Build the most needed skill in cybersecurity
Cloud security is the top needed skill in the field. Prove you’re at the forefront with Certified Cloud Security Professional (CCSP) certification. Considered the industry’s premier cloud security credential, it shows you have the advanced technical skills and knowledge organizations around the globe demand.

Foundational cloud security with CIS Benchmarks
Cloud service providers (CSPs) have changed the way organizations of all sizes architect and deploy their IT environments. CSPs now make it possible for organizations to rapidly implement new technologies with greater levels of ease and scalability.

Product showcase: Is Crystal Eye XDR the most comprehensive security platform on the market?
In this product showcase, we look at Red Piranha’s Crystal Eye XDR platform. Red Piranha pioneered the integrated security service model back in 2015 with out-of-the-box MDR and Incident Response capability, now known as XDR.

Immudb: Open-source database, built on a zero trust model
Now, with full transactional support for everyday business applications, the open source immudb tamper-proof database can serve as the main transactional database for enterprises. Version 1.2 has the ability to roll back changes and have data expire.

New infosec products of the week: December 17, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from AwareGO, MetricStream, MobileSphere, Nerdio, Ping Identity, Pondurance, Syxsense, and Tufin.



