Here’s an overview of some of last week’s most interesting news, articles and interviews:
(IN)SECURE Magazine issue 71 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 71 has been released today. It’s a free download, no registration required.
Financially motivated threat actors willing to go after Russian targets
As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides, and some of them are expressing their willingness to go after Russian targets.
Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be exploited by unauthenticated attackers to remotely execute malicious code.
Trickbot uses compromised MikroTik routers as C2 communication proxies
MikroTik routers are getting compromised to serve as communication proxies for Trickbot malware, to enable Trickbot-affected devices to communicate with their C2 server in a way that standard network defense systems won’t detect, Microsoft researchers have found.
The TTPs of Conti’s initial access broker
Automation might be the way to go for many things, but a recently published report by Google’s Threat Analysis Group (TAG) shows why targeted phishing campaigns performed by human operators are often successful, and how the Conti ransomware gang excels at targeting organizations with the help of an initial access broker.
Women in cybersecurity: How far have they come?
In this interview with Help Net Security, Bronwyn Boyle, CISO at Mambu, talks about women in cybersecurity, the hurdles they must overcome in their careers, and how far the industry has come when it comes to inclusion and diversity.
Attackers using default credentials to target businesses, Raspberry Pi and Linux top targets
Findings from a Bulletproof report highlight the issue posed by poor security hygiene as automated attacks remain a high security threat to businesses. The research, gathered throughout 2021, showed that 70% of total web activity is currently bot traffic.
The massive impact of vulnerabilities in critical infrastructure
In this interview with Help Net Security, Michael Johnson, Board of Directors at Safe Security, talks about the importance of critical infrastructure security, why attacks on critical infrastructure are particularly worrying, and what can be done to thwart these threats.
Top threats for the financial sector
The potential financial, operational, and reputational impact of ransomware makes it the top threat facing financial services organizations, according to a report from F-Secure.
Why a modern vulnerability management strategy requires state-of-the-art solutions
In this interview with Help Net Security, Stephen Carter, CEO at Nucleus Security, explains the importance of having a vulnerability management strategy within an organization, what the biggest challenges are, and what should be done to overcome them.
Malicious web application requests skyrocketing, bad actors stealthier than ever before
Radware released report findings which underscore 2021 as the year of the web application attack. Between 2020 and 2021, the number of malicious web application requests climbed 88%, more than double the year-over-year growth rate in distributed denial-of-service (DDoS) attacks, which were up 37% over 2020.
How to contain a privileged access breach and make sure it doesn’t happen again
When attackers pull off a privileged access breach, they have a beachhead into your network. Regardless of whether it’s software or users that are ill-protected, threat actors have a consistent playbook: establish a foothold on a vulnerable system, elevate privileges, then compromise additional privileged users to gain access to or hold at ransom what’s valuable.
How fast can organizations respond to a cybersecurity crisis?
Immersive Labs launched an analysis of human cyber capabilities. The report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations in the last 18 months.
Building trust in a zero-trust environment
A recent study by MITRE and DTEX revealed that despite years of industry efforts against insider threats, there isn’t enough data – or systems advanced enough – to spot all malicious behavior.
The importance of building in security during software development
Checkmarx released the UK findings of its report which found that 45% of organizations have suffered at least two security breaches as a direct result of a vulnerable application.
The simple secret to app security? Time
The thing about being a security consultant is that people are always looking to you for the “secret” to building a secure digital anything. And by “secret,” they usually mean “shortcut”.
Model contract language for medical technology cybersecurity published
Medical technology companies and health delivery organizations have a new template for agreeing on cybersecurity contractual terms and conditions to reduce cost, complexity and time in the contracting process and improve patient safety.
Are you willing to take a calculated risk? Quantifying your cyber risk and predicting future threats
We can all agree that cyber attacks are inevitable. The next step for cybersecurity professionals is reaching a consensus on the best way to prepare for unknown threats lurking on the horizon.
Poor data sanitization practices put public sector data at risk
Research launched by Blancco Technology Group reveals current practices and policies for device sanitization within the public sector.
Biden legitimizes cryptocurrency with regulatory exploration
For some time, cryptocurrency was considered a fringe currency – a libertarian means of investing that challenged the traditional framework of brokers, trade desks and advisers.
Top automotive tech obstacles: Cybersecurity, software quality and functional safety
Molex announced the results of a global survey that examines the pace of innovation accelerating the development of next-generation vehicle architectures and driving experiences.
How to build a security tool that sells
In my experience as a CISO in the industry, as well as in my current position as CISO-in-Residence at YL Ventures, an early-stage, cybersecurity-focused venture capital firm, I have been fortunate to provide founders with guidance and insights into the customer decision-making process and help them match unique solutions to tangible problems.
Will vacancies create security voids?
Automation may be shortening the Mean Time to Response (MTTR) when it comes to detecting and responding to attacks, but there is still no substitute for the human in the kill chain.
Top data governance challenges and strategies for high-growth startups
Hyper-growth startups face a unique set of challenges when it comes to secure data access. Their priority is to drive rapid innovation, scale their customer base and grow revenue.
How to plan for increased security risks resulting from the Great Resignation
The Great Resignation is sweeping the world, and the causes and impacts are still being analyzed.
Why EDR is not sufficient to protect your organization
Endpoint detection and response (EDR) tools are a cornerstone of most cybersecurity defenses today. But while the technology has an important role to play in investigating threats, too many organizations have made the mistake of relying on EDR as their first line of defense against security breaches.
70% of financial service providers are implementing API security
Financial service providers, such as banks and credit card companies, use a vast amount of APIs, which makes them an attractive target for threat actors.
On-demand webinar: Demystifying zero trust to protect connected assets in OT
Over the past few years, zero trust has become a commonly used phrase for security professionals. While we may understand that a zero-trust framework or architecture should be implemented as part of network or cybersecurity measures, what does this practically mean for operational technology?
As e-skimming, Magecart, and other types of front-end attacks grow in frequency and severity, businesses are faced with finding ways to protect the front-end (i.e., client side) web applications and websites.
New infosec products of the week: March 18, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Actiphy, Ciphertex Data Security, Contrast Security, Deepfence, Ostrich Cyber-Risk, PKI Solutions, Progress, and Swissbit.