Week in review: Account pre-hijacking, Sigstore, ransomware still winning


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

RansomHouse: Bug bounty hunters gone rogue?
A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnerabilities were exploited in the process – all for a fee, of course.

Account pre-hijacking attacks possible on many online services
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible?

Verizon 2022 DBIR: External attacks and ransomware reign
There has been an alarming rise (13%) in ransomware breaches – a jump greater than the past 5 years combined, Verizon Business has revealed in its 2022 Data Breach Investigations Report (2022 DBIR).

GM, Zola customer accounts compromised through credential stuffing
Customers of automaker General Motors (GM) and wedding planning company Zola have had customer accounts compromised through credential stuffing, and the criminals have used the access to redeem gift cards.

3 key elements to protect a Kubernetes cluster
Kubernetes changed how we structure, deploy, and run our applications and became a de-facto standard for running infrastructure at scale. With the rapid adoption of container-based technologies, organizations are increasingly concerned about the security of their Kubernetes clusters.

Ransomware still winning: Average ransom demand jumped by 45%
Group-IB unveils its guide to the evolution of threat number one “Ransomware Uncovered 2021/2022”.

What does prioritizing cybersecurity at the leadership level entail?
Week after week, month after month, shareholder cyber lawsuits hit the news. Capital One settles for $190 million. A class-action lawsuit was filed against Ultimate Kronos Group for alleged negligence regarding a ransomware attack, identifying a poor cybersecurity system as the root problem.

Elevation of Privilege is the #1 Microsoft vulnerability category
BeyondTrust announced the release of a report which includes the latest annual breakdown of Microsoft vulnerabilities by category and product, as well as a six-year trend analysis, providing a holistic understanding of the evolving threat landscape.

Where is attack surface management headed?
Reactive cyber defense is a losing strategy. It’s something that’s been tolerated for many decades, but isn’t it more cost-effective, better for the brand, and more optimal to align with a proactive approach?

Vishing cases reach all time high
Vishing (voice phishing) cases have increased almost 550 percent over the last twelve months (Q1 2022 to Q1 2021), according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs.

Why are current cybersecurity incident response efforts failing?
This article will explore why current cybersecurity incident response efforts are failing, and how a proactive, risk-based approach enables companies to reduce exposure most effectively and to maximize the return on their limited resources.

How confident are CISOs about their security posture?
Proofpoint released its annual Voice of the CISO report, which explores key challenges facing chief information security officers (CISOs).

How to eliminate the weak link in public cloud-based multi-party computation
Secure multi-party computation (MPC) has seen steady evolution to tackle many scientific challenges. These include enabling the creation and tuning of AI or machine learning algorithms, as well as developing open-source software and games.

Security has become more difficult, IT leaders say
Workspot announced a survey report conducted by Dimensional Research, which reveals that in the past year, due to remote work, 83% of IT leaders expanded or accelerated their cloud strategies, while still facing increasing challenges with security (71%), and concerns about employee compliance to new controls (60%).

You should be able to trust organizations that handle your personal data
In this video for Help Net Security, Nong Li, CEO at Okera, explains what it means for average consumers to share data, what this means in regards to trust, and how that data is going to be used.

Can we trust the cybersecurity of the energy sector?
A research published by DNV reveals that energy executives anticipate life, property, and environment-compromising cyberattacks on the sector within the next two years.

Taking the right approach to data extortion
In this video for Help Net Security, Dennis Underwood, CEO of Cyber Crucible, talks about why we’re taking the wrong approach to data extortion and how to take the right one.

By streamlining compliance, companies can focus more on security
A-LIGN released its 2022 Compliance Benchmark Report, highlighting the concern over increased threat of ransomware attacks and the need for organizations to adopt a more streamlined approach to their compliance requirements.

How to navigate GDPR complexity
In this video for Help Net Security, Dave Horton, VP of Solutions Engineering at Odaseva, explains how the GDPR has evolved in the last four years.

Sigstore: Signature verification for protection against supply chain attacks
In this video for Help Net Security, Dan Lorenc, CTO at Chainguard, talks about the Sigstore project and how it was used to secure the Kubernetes 1.24 release.

Hijacking of popular ctx and phpass packages reveals open source security gaps
In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, talks about the tactics used by the researcher Yunus Aydin (aka “SockPuppets”) and what they revealed about the security gaps that can be misused to mount supply chain compromises affecting the open source community.

Review: Hornetsecurity 365 Total Protection Enterprise Backup
Hornetsecurity 365 Total Protection Enterprise Backup is a cloud-based security solution that provides protection against spam, malware, and other advanced threats, combined with backup and recovery features.

New infosec products of the week: May 27, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Corelight, Fortinet, Hunters, Kingston Digital, Netenrich, PIXM, and SafeGuard Cyber.

More about

Don't miss