Week in review: ZuoRAT targeting SOHO routers, trends affecting your security strategy


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

OT security: Helping under-resourced critical infrastructure organizations
In this Help Net Security interview, Dawn Cappelli, Director of OT-CERT at the industrial cybersecurity company Dragos, talks about the OT security risks critical infrastructure organizations are facing, offers advice on how they can overcome obstacles that prevent them improving their cybersecurity posture, and explains how the recently set up OT-CERT she’s heading can help asset owners and operators of industrial infrastructure.

Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonated various services appearing to be legitimately created on the “azurefd.net” domain.

Researchers uncover ZuoRAT malware targeting home-office routers
Black Lotus Labs discovered a new remote access trojan (RAT) called ZuoRAT, which targets remote workers via their small office/home office (SOHO) devices, including models from ASUS, Cisco, DrayTek and NETGEAR.

Clearview fine: The unacceptable face of modern surveillance
The UK’s Information Commissioner’s Office (ICO) has issued its third largest ever fine of £7.5m. It was imposed on Clearview AI, the controversial facial recognition company that has already been on the wrong end of similar decisions from regulators in Italy, France and Australia.

Properly securing APIs is becoming increasingly urgent
Imperva released a new study that uncovers the rising global costs of vulnerable or insecure APIs. The analysis of nearly 117,000 unique cybersecurity incidents estimates that API insecurity results in $41-$75 billion of losses annually.

Detection, isolation, and negotiation: Improving your ransomware preparedness and response
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so. Ransomware attacks have proliferated in the last decade.

Trends to watch when creating security strategy for the next two years
Executive performance evaluations will be increasingly linked to ability to manage cyber risk; almost one-third of nations will regulate ransomware response within the next three years; and security platform consolidation will help organizations thrive in hostile environments, according to the top cybersecurity predictions revealed by Gartner.

Why digital trust needs to be a strategic imperative for your company
It’s no secret that digital interactions have extended to every aspect of our professional and personal lives. Connectivity is soaring and digital transformation is accelerating, making it critical for the technology community, governments and corporate boardrooms to invest in digital trust.

Destructive firmware attacks pose a significant threat to businesses
As business workforces become increasingly distributed, IT leaders say it’s harder than ever to defend against firmware attacks, according to HP Wolf Security.

Evolving online habits have paved the way for fraud. What can we do about it?
Information is power, and personally identifiable information (PII) is an extremely powerful asset that is fueling the rapid growth of online fraud (also known as the Digital Identity Crisis).

Threat actors increasingly use third parties to run their scams
Abnormal Security released new research that showcases a rising trend in financial supply chain compromise as threat actors impersonate vendors more than ever before.

How phishing attacks are becoming more sophisticated
In this video for Help Net Security, Joshua Crumbaugh, CEO, PhishFirewall, talks about how cybercriminals are taking their phishing attacks to a new level.

48% of security practitioners seeing 3x increase in alerts per day
Panther Labs surveyed 400 active security practitioners, primarily security analysts and security engineers, to reflect the “boots on the ground” perspective for security teams.

Python packages with malicious code expose secret AWS credentials
Sonatype researchers have discovered Python packages containing malicious code that peeks into and exposes secret AWS credentials, network interface information, and environment variables.

EMEA continues to be a hotspot for malware threats
Ransomware detections in the first quarter of this year doubled the total volume reported for 2021, according to the latest quarterly Internet Security Report from the WatchGuard Threat Lab.

Exploring the insecurity of readily available Wi-Fi networks
In this video for Help Net Security, Andy Thompson, Global Research Evangelist at CyberArk, talks about Wi-Fi security.

How parents can talk about online safety and personal info protection with their kids
In this video for Help Net Security, Jim Ducharme, Chief Operating Officer at Outseer, provides insight into how parents can talk about online safety and personal info protection with their kids.

Key takeaways from RSA Conference 2022
In this video for Help Net Security, Ravi Srinivasan, CEO of Votiro, talks about his experiences during RSA Conference 2022.

How businesses are prioritizing data privacy
In this video for Help Net Security, Stephen Cavey, Chief Evangelist at Ground Labs, talks about how businesses and job seekers are not only prioritizing data privacy but using it as a competitive advantage in this rivalrous landscape.

The challenges and advantages of building behavior-based threat detection
In this video for Help Net Security, Scott Sutherland, Senior Director, Adversary Simulation and Infrastructure Testing, NetSPI, discusses how, in order to stay ahead of malicious actors, organizations must shift their gaze to detect attackers before something bad happens.

Photos: Cyber Week 2022
Cyber Week is a large annual international cybersecurity event, hosted each year at Tel Aviv University in Israel. Cyber Week 2022 is held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), The Yuval Ne’eman Workshop for Science, Technology and Security, Tel Aviv University, the Israeli National Cyber Directorate under the Prime Minister’s Office and the Ministry of Foreign Affairs.

Cyber Week 2022 video walkthrough
In this Help Net Security video, we take you inside Cyber Week 2022. The featured vendors are: Dig Security, Ermetic, enso, Forescout, Flow, IBM Security, Intuit, Israel Aerospace Industries, Mitiga, and Synopsys.

Product showcase: Group-IB Unified Risk Platform
Group-IB has developed the Unified Risk Platform, a comprehensive set of solutions that understands each organization’s threat profile, configures defenses, and responds to threats in real time.

New infosec products of the week: July 1, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Fusion Risk Management, G-Core Labs, Rafay Systems, and RangeForce.

Infosec products of the month: June 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Arcserve, Black Kite, Cavelo, Code42, ComplyCube, Cynet, Elastic, ESET, Feroot, Fusion Risk Management, G-Core Labs, Hillstone Networks, Incognia, Living Security, Lumu, NetWitness, Optiv Security, Qualys, Rafay Systems, RangeForce, SafeBreach, SecureAuth, SecurityMetrics, Splunk, Swimlane, and Traceable AI.
