Week in review: Disrupted Cyclops Blink botnet, public software apps at risk, Patch Tuesday forecast


Here’s an overview of some of last week’s most interesting news, articles and interviews:

April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical update for Microsoft Exchange Server.

Log4Shell exploitation: Which applications may be targeted next?
Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild.

CISA adds Spring4Shell to list of exploited vulnerabilities
It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework.

Microsoft asks bug hunters to probe on-premises Exchange, SharePoint servers
Bug hunters that discover and report high-impact security vulnerabilities in on-premises Exchange, SharePoint and Skype for Business may earn as much as $26,000 per eligible submission, Microsoft has announced.

The Cyclops Blink botnet has been disrupted
The US Justice Department has announced that the FBI has disrupted the Cyclops Blink botnet, which they say was under the control of the Sandworm group – a threat actor that has been previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU).

New and less known cybersecurity risks you should be aware of
In this interview with Help Net Security, Zur Ulianitzky, Head of Security Research at XM CYber, gives insights on new and less talked about cybersecurity risks organizations should look out for, and what should they do keep themselves secure and protected from these threats.

Security flaws found in 82% of public sector software applications
Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors.

Hybrid threat model: Watch out for the unhappy employee
In this interview with Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv Security, talks about the hybrid threat model, a new approach that leverages social media to launch cyberattacks on organizations.

Vulnerabilities and cyberattacks that marked the year 2021
Rapid7 announced the release of a report examining the 50 most notable security vulnerabilities and high-impact cyberattacks in 2021.

Prioritizing cybersecurity training during the onboarding process
In this interview with Help Net Security, Brent Johnson, CISO at Bluefin, talks about the importance of making cybersecurity training a priority for every organization and why is this often a difficult goal to achieve.

63% of organizations paid the ransom last year
A record 71% of organizations were impacted by successful ransomware attacks last year, according to a CyberEdge Group report, up from 55% in 2017. Of those that were victimized, 63% paid the requested ransom, up from 39% in 2017.

The CISO as brand enabler, customer advocate, and product visionary
If you’re a CISO today, or have worked for or watched one from afar, you have felt the reality of the goalposts continually shifting over time, and you have experienced some of the tough questions that may not yet be answered.

The challenges of consumer data and PII usage
In this Help Net Security video, Nong Li, CEO at Okera, talks about the challenges of using and managing consumer data and personally identifiable information (PII).

Utilizing biological algorithms to detect cyber attacks
Phishing, a longstanding cyberattack technique through which attackers impersonate others to gain access to confidential information, has become immensely popular as of late, hitting an all-time high in December 2021, with attacks tripling since the previous year.

Keeper Compliance Reports
In this video, Craig Lurey, CTO and Co-Founder of Keeper Security, talks about the new secure add-on to the Keeper enterprise platform, called Compliance Reports.

Digital transformation requires security intelligence
Embracing change and resilience became the mantra for business continuity as organizations powered through the pandemic. Incorporating digital technologies were critical to quickly adapt to and address employee and customer needs, economic uncertainty, and competitive pressures.

Cybercriminals taking advantage of the Ukraine crisis to create charity donation scams
In this video for Help Net Security, Charles Brook, Threat Intelligence Researcher at Tessian, talks about how cybercriminals have taken advantage of the crisis in Ukraine to create charity donation scams.

The importance of understanding cloud native security risks
In this video for Help Net Security, Paul Calatayud, CISO at Aqua Security, talks about cloud native security and the problem with the lack of understanding of risks to this environment.

Traditional identity fraud losses soar, totalling $52 billion in 2021
A study shows that traditional identity fraud losses, caused by criminals illegally using victims’ information to steal money, exploded in 2021 to $24 billion — an alarming 79% increase over 2020.

What you need to look out for when installing packages from public repositories
In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, talks about the risks posed by malicious open source packages.

People’s habits around personal and corporate data backup procedures
In this video for Help Net Security, Jon Fielding, Managing Director at Apricorn, talks about a survey of thousands of Twitter users, around their personal and corporate data and backup habits, processes and procedures.

Cybercriminals on Discord: Discovering developing threats
In this video for Help Net Security, Tal Samra, Cyber Threat Analyst at Cyberint, talks about Discord, a platform often used for cybercrime activities, and the possible threats users might come across.

Infosec products of the month: March 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Actiphy, Anomali, AvePoint, Ciphertex Data Security, Contrast Security, CRITICALSTART, CybeReady, Dasera, Deepfence, Dtex Systems, Elastic, Endace, Enzoic, ExtraHop, Imperva, MetricStream, Nebulon, NICE Actimize, Ostrich Cyber-Risk, Palo Alto Networks, Perimeter 81, PKI Solutions, Progress, Rapid7, Reciprocity, Secret Double Octopus, SEON, Sonrai Security, SpyCloud, Swissbit, Veeam Software, Veriff, and VMware.

New infosec products of the week: April 8, 2022
Here’s a look at the most interesting products from the past week, featuring releases from ColorTokens, Forescout, Fortinet, IBM, Imperva, Keysight Technologies, and Orca Security.

More about

Don't miss