Week in review: Samba vulnerability, phishing kits bypassing MFA, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and interviews:

February 2022 Patch Tuesday forecast: A rough start for 2022
January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates for Windows Server 2012, 2019, and 2022, as well as Windows 10 and 11.

Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)
A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to execute arbitrary code as root on affected Samba installations.

Cisco plugs critical holes in small business routers
Cisco has patched 14 vulnerabilities affecting some of its Small Business RV Series routers, the worst of which may allow attackers to achieve unauthenticated remote code execution or execute arbitrary commands on the underlying Linux operating system.

Phishing kits that bypass MFA protection are growing in popularity
The increased use of multi-factor authentication (MFA) has pushed developers of phishing kits to come up with ways to bypass that added account protection measure.

How to measure security efforts and have your ideas approved
In this interview with Help Net Security, Malcolm Harkins, Chief Security & Trust Officer, Epiphany Systems, talks about the challenges security leaders must face when communicating with their company’s management and what to do to overcome them.

Number of data compromises reaching all-time high
According to an Identity Theft Resource Center (ITRC) report, the overall number of data compromises (1,862) is up more than 68 percent compared to 2020.

Building confidence in your system’s security with chaos engineering
In this interview with Help Net Security, Aaron Rinehart, CTO at Verica, explains the discipline of chaos engineering and how it can help organizations build more resilient systems.

How costly is an insider threat?
Proofpoint released a report to identify the costs and trends associated with negligent, compromised, and malicious insiders. Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident.

Reducing the blast radius of credential theft
Cybersecurity has come to be defined by identity, with almost every attack today revolving around gaining control of a user’s identity as a means of accessing critical data and systems. Verizon’s latest data breach report found that credentials are the most sought-after form of data.

Cybersecurity staff turnover and burnout: How worried should organizations be?
The heightened risk of cyberattacks on businesses is being compounded by significant recruitment and retention issues within cybersecurity teams, making businesses more vulnerable to potential attacks, according to research from ThreatConnect.

Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business
Vulnerability scanners are still essential tools for defenders protecting enterprise and government networks. But given the rapidly increasing complexity of today’s cyber threat landscape, these scanners are not enough to win the fight against an increasingly overwhelming volume of vulnerability alerts.

Organizations neglecting Microsoft 365 cybersecurity features
Nearly half of organizations are not using the full set of features and applications available in Microsoft 365, research from Ensono reveals. Most notably, many enterprises are neglecting the cybersecurity features available in the platform, leaving them open to vulnerabilities.

Two initiatives that can move the needle for cybersecurity in 2022
It’s no secret that 2021 was undoubtedly a difficult and stressful year to be a cybersecurity professional. The pandemic-driven remote/hybrid work paradigm and increased prevalence of ransomware caused many to fundamentally reevaluate their security strategies. This year will be no different, and we’ll likely see an even greater increase in threats as these malicious actors find new attack vectors to infiltrate—so it’s important for organizations to be well-equipped to address them.

Top attack trends every organization should build resilience against
Expel announced the release of the cybersecurity trends and predictions for 2022. Based on aggregated data from its security operations center (SOC), the report provides insights on the biggest cybersecurity threats, practical recommendations on how to handle them, and predictions on what to expect in the year ahead.

AI technology is redefining surveillance
With the incorporation of artificial intelligence (AI) and machine learning (ML) tools into surveillance technologies, the definition of surveillance is changing to encompass tools that are more beneficial to the average person.

How ready are federal agencies for zero trust implementation?
More than 70 percent of federal agencies are aggressively adopting zero trust principles, while another 26 percent are adopting where they feel it makes sense, according to a Merlin Cyber and MeriTalk report.

People working in IT-related roles equally susceptible to phishing attempts as the general population
Phishing emails that mimic HR announcements or ask for assistance with invoicing get the most clicks from recipients, according to a study from F-Secure.

How threat actors are using npm to launch attacks
WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide.

Product showcase: Cybellum’s Product Security Lifecycle Platform
Cybellum’s Product Security Lifecycle Platform enables device manufacturers to secure their products throughout their entire life – from first design to operational use, and years after.

eBook: Anomaly Detection in Cybersecurity for Dummies
One of the best ways to defend against both internal and external attacks is to integrate anomaly detection, a.k.a. user and entity behavior analytics capabilities, into your security analytics solution.

Infosec products of the month: January 2022
Here’s a look at the most interesting products from the past month, featuring releases from Avast, Axonius, Borderless Security, CyberRes, Deepfence, GrammaTech, Kovrr, LiveAction, MetricStream, NormCyber, Panorays, Pentera, Samsung, SpyCloud, SureCloud, TAC Security, and Zyxel Communications.

New infosec products of the week: February 4, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Cymulate, Gretel, Juniper Networks, Mandiant, Ping Identity, Qualys, ShiftLeft, and Tenable.
