Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Dealing with threats and preventing sensitive data loss
Recently, Normalyze, a data-first cloud security platform, came out of stealth with $22.2M in Series A funding. This was the perfect time to catch up with co-founder and CEO Amer Deeba. In this interview with Help Net Security, he talks about the path data security as well as visibility challenges.

Who are the best fraud fighters?
Seasoned fraud expert PJ Rohall has recently become the new Head of Fraud Strategy & Education at SEON. In this Help Net Security interview, he talks about how he entered the industry, about the evolving fraud landscape, and offers advice to other fraud fighters.

Linode + Kali Linux: Added security for cloud instances
Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers.

Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from Ben-Gurion University of the Negev and Tel Aviv University have proven that it can be done.

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation of privilege bug in Windows’ Client/Server Runtime Subsystem (CSRSS).

Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication (MFA) set up to protect the accounts.

PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they use tools like the phishing kit recently analyzed by Akamai researchers.

How to address the ongoing risk of Log4j exploitation and prepare for the future
“Vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer,” the Cyber Safety Review Board (CSRB) has concluded.

Are your site’s tracking technologies breaking the law?
Two irresistible yet conflicting forces are creating a real risk for businesses that operate on the web, which is every business that exists in 2022. Those forces are tracking technologies and data privacy regulations.

BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands
Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, has detected a significant increase in the value of ransom demand requests by the notorious Blackcat ransomware gang.

The enemy of vulnerability management? Unrealistic expectations
Organizations vary by size, industry, level of maturity, but one thing that they all have in common is needing to know how to quickly remediate security vulnerabilities.

Nearly all governmental websites serve cookies or third-party trackers
In some countries up to 90% of governmental websites add third-party tracker cookies without users’ consent.

The weaponizing of smartphone location data on the battlefield
For soldiers on the battlefield, the act of turning on one’s smartphone has been described as the digital equivalent of lighting a cigarette, as doing so creates a signal about one’s location that can be picked up by the enemy.

Conventional cybersecurity approaches are falling short
Traditional security approaches that rely on reactive, detect-and-respond measures and tedious manual processes can’t keep pace with the volume, variety, and velocity of current threats, according to Skybox Security.

The future of SOCs: Automation where it matters
Sophisticated attacks, remote work needs and rapidly changing technologies challenge organizations to manage IT security while containing costs and using overburdened staff.

Q-Day: The problem with legacy public key encryption
In the power circles where policy and technology meet, there always seems to be someone with his or her “hair on fire” about some issue or another, and it can be difficult to differentiate between a serious matter, hype and political theater.

7 steps to switch your organization to a zero trust architecture
In this Help Net Security video, John Grancarich, Executive VP of Product and Growth Strategy at HelpSystems, provides insight into how the biggest threat in cybersecurity today is not the next attack but rather the implicit trust organizations grant to access their critical resources.

The impact of DNS attacks on global organizations
In this Help Net Security video, Chris Buijs, Chief Evangelist at EfficientIP, talks about the importance of making DNS part of an organisation’s security strategy.

A look at the bring your own browser (BYOB) approach
In this Help Net Security video, Dor Zvi, CEO at Red Access, discusses how security teams need a new browser-agnostic approach to the bring your own browser (BYOB) at work situation.

How to develop successful incident response plans
In this Help Net Security video, Neal Bridges, CISO at Query.AI, talks about the rules organizations need to think about if they want to develop successful incident response (IR) plans.

Best practices for cyber resilience
In this Help Net Security video, Robin Berthier, CEO at Network Perception, talks about strategy for cyber resilience.

How attackers abuse Quickbooks to send phone scam emails
In this Help Net Security video, Roger Kay, VP of Security Strategy, INKY, talks about how this time around, attackers impersonated reputable retail brands such as Amazon, Apple, and PayPal, to send out legitimate notifications from QuickBooks, an accounting software package used primarily by small business and midmarket customers who lack in-house expertise in finance and accounting.

The proliferation of money mules and how behavioral biometrics can combat this form of fraud
In this Help Net Security video, Erin Englund, Threat Analytics Lead at BioCatch, explains what money mules are, why they are becoming so prevalent, and how we can defend against them.

Product showcase: ImmuniWeb Neuron, DAST with a zero false positives SLA
ImmuniWeb, a global application security company with over 1,000 customers from more than 50 countries, unveils ImmuniWeb Neuron that is specifically designed to address both problems in a simple, efficient and effective manner.

New infosec products of the week: July 15, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Deloitte, Flashpoint, CertiK, CyberArk, and N-able.
