Week in review: Finding stolen credentials on VirusTotal, BNPL attracting fraudsters

Week in review

Here’s an overview of some of last week’s most interesting news, articles and interviews:

Google Drive starts warning users about suspicious files
Google has announced on Thursday that it has started warning users when they open potentially suspicious or dangerous files hosted on Google Drive.

New SolarWinds Serv-U vulnerability targeted in Log4j-related attacks
Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software (CVE-2021-35247).

Ukraine: Wiper malware masquerading as ransomware hits government organizations
Microsoft researchers have revealed evidence of a malware operation targeting multiple organizations in Ukraine, deploying what seems to be ransomware but is actually Master Boot Records (MBR) wiper malware.

Phishers’ favorite brands in Q4 2021
International courier and package delivery company DHL heads the list of most imitated brands by phishers and malware peddlers in Q4 2021, according to Check Point Research.

VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal
VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach have found.

Phishers go after business email credentials by impersonating U.S. DOL
Phishers are trying to harvest credentials for Office 365 or other business email accounts by impersonating the U.S. Department of Labor (DOL), Inky‘s researchers have warned.

AI to bring massive benefits, but also cause great concern
In this interview with Help Net Security, Matthew Rosenquist, CISO at Eclipz.io, explains the benefits as well as the disadvantages of AI, and the tremendous impact it could have on our society.

SecOps teams are understaffed and overworked
Organisations have work to do if they want to attract and retain diverse talent in their security operations (SecOps) teams, according to SOC.OS and Sapio Research.

AI and ML implementation in cybersecurity programs pushes for a change in people’s mindset
In this interview with Help Net Security, Scott Laliberte, Managing Director at Protiviti, talks about the implementation of AI and ML in cybersecurity programs, why this is a good practice and how it can advance cybersecurity overall.

Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible Firmware Interface (UEFI) firmware, an essential part of computers, in the SPI flash, a storage component external to the hard drive.

Governments struggle to deliver secure online citizen services
Auth0 released the findings of its Public Sector Identity Index, a global research report that provides government technology leaders with insight into the identity maturity of public sector organizations around the world. The report, conducted by Market Connections, highlights the importance of a centralized identity strategy in putting safe and accessible services into the hands of citizens faster.

Is cloud the solution to optimized data privacy?
In this interview with Help Net Security, Sophie Stalla-Bourdillon, Senior Privacy Counsel and Legal Engineer at Immuta, talks about data privacy, what organizations can a must do to keep data secure, and explains the technologies that can help optimize data protection processes.

PCI SSC updates card security standards to secure the card production process
The PCI Security Standards Council (PCI SSC) announced the availability of the PCI Card Production and Provisioning Security Requirements version 3.0. The updated standard helps payment card vendors secure the components and sensitive data involved in the production of payment cards, protecting against fraud via the compromise of card materials.

When protecting and managing digital identities, orchestration and automation are critical
In this interview with Help Net Security, David Mahdi, CSO of Sectigo, talks about the importance of digital identity management, the issues organizations have with digital identities and what they can do to overcome them.

Trends that will shape the security industry in 2022
Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional “physical security,” a host of frontiers like AI, cloud computing, IoT, and cybersecurity are being rapidly pioneered by entities big and small in our industry.

The importance of securing machine-to-machine and human-to-machine interaction
In this interview with Help Net Security, Oded Hareven, CEO at Akeyless, explains how organizations manage secrets, particularly how this practice has changed and evolved amid the rapid shift to hybrid/remote work and how it benefits organizations security wise.

What are the barriers to moving legacy data to the cloud?
While 95% of tech leaders worldwide say moving their legacy application data to the cloud is a priority, and 80.5% want to do it within the next 12 months, only 35% of tech leaders currently store more than half their legacy data in the cloud.

IR and SimEx: Can and should they be standardized?
The National Cyber Security Centre (NCSC) intends to launch a new assurance scheme for incident response (IR) and simulated exercises (SimEx) in Q2 2022, which could become a real gamechanger for the security sector. This will effectively see the standardization of IR and SimEx across the board and extend the commercial reach, opening new markets to assured providers.

Software supply chain attacks jumped over 300% in 2021
Software supply chain attacks grew by more than 300% in 2021 compared to 2020, according to a study by Argon Security.

How Buy Now, Pay Later is being targeted by fraudsters
Consumers are increasingly utilising Buy Now Pay Later (BNPL) payment options to make online purchases. Indeed, several e-commerce companies reported huge uptakes in sales, via BNPL, over the festive period, most notably around 2021’s Black Friday and Cyber Monday retail peaks.

Cyber risks top worldwide business concerns in 2022
Cyber perils are the biggest concern for companies globally in 2022, according to the Allianz Risk Barometer. The threat of ransomware attacks, data breaches or major IT outages worries companies even more than business and supply chain disruption, natural disasters or the COVID-19 pandemic, all of which have heavily affected firms in the past year.

Cultivating a security-first mindset for software developers
There is a “great cyber security awakening” happening across companies. Right now, we need a fundamental new approach to development, so we are not constantly firefighting.

Endpoint malware and ransomware detections hit all-time high
Endpoint malware and ransomware detections surpassed the total volume seen in 2020 by the end of Q3 2021, according to researchers at the WatchGuard Threat Lab. In its latest report, WatchGuard also highlights that a significant percentage of malware continues to arrive over encrypted connections.

The evolution of security analytics
As networks continue to evolve and security threats get more complex, security analytics plays an increasingly critical role in securing the enterprise. By combining software, algorithms and analytic processes, security analytics helps IT and security teams proactively (and reactively) detect threats before they result in data loss or other harmful outcomes.

Many users don’t know how to protect their broadband Wi-Fi routers
Millions of home broadband Wi-Fi routers in the UK could be at risk because many internet users do not take basic security precautions that could protect them from online threats, research from Broadband Genie has found.

The CISO’s guide to evaluating third-party security platforms
A comprehensive third-party security program can align your vendor’s security with your internal security controls and risk appetite. Such a program can also help you remediate risk if your vendors fall short. And the right third-party security management platform can be a smart way to get your program off the ground or automate the one you already have in place.

Product showcase: Adaptive Shield SaaS Security Posture Management
Whether it’s Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring that these apps’ security settings are properly configured falls on the security team.

New infosec products of the week: January 21, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Axonius, GrammaTech, Kovrr, SpyCloud, and TAC Security.

More about

Don't miss