Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Browser synchronization abuse: Bookmarks as a covert data exfiltration channel
Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make users’ lives easier, but may also allow hackers to establish a covert data exfiltration channel.

Ransomware gangs are hitting roadblocks, but aren’t stopping (yet)
Ransomware attacks are in decline, according to reports by several cybersecurity companies. Why is that?

Cyberattack prevention is cost-effective, so why aren’t businesses investing to protect?
In this Help Net Security interview, Former Pentagon Chief Strategy Officer Jonathan Reiber, VP Cybersecurity Strategy and Policy, AttackIQ, offers insight for CISOs – from talking to the Board to proper budget allocation.

August 2022 Patch Tuesday forecast: Printers again?
Looking ahead to next week, we have a server end-of-life and still more updates that can impact printers.

How to minimize your exposure to supply chain attacks
Supply chain attacks are on the rise, and many organizations seem unsure how to respond to the threat. Here are several steps you can take to minimize your risk of being involved in a supply chain breach.

The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks.

6 ways your cloud data security policies are slowing innovation – and how to avoid that
As practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment. With more and more data migrating to the cloud, these policies must adapt to a wide range of data stores, locations, uses and environments.

Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in the US, UK, New Zealand and Australia.

VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
The security researcher who reported CVE-2022-31656 is planning to release a technical writeup and a POC “soon”.

Organizations grew to love Kubernetes: Usage in production is high
Kubernetes is delivering business value and is set to win an increasing share of production workloads, with almost all respondents to a Dimensional Research study saying they plan to scale and diversify their Kubernetes infrastructures in some way in the coming year.

“ParseThru” vulnerability allows unauthorized access to cloud-native applications
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications.

Burnout and attrition impact tech teams sustaining modern digital systems
Across all industries, 54% of respondents are being interrupted outside of normal working hours.

How to spot deep-faked candidates during interviews
The FBI recently issued a warning that malicious attackers are using deepfakes to apply for a variety of remote work positions via virtual interviews over the internet. In this Help Net Security video, Sanjay Gupta, SVP and Managing Director, Mitek Systems, talks about how combatting this threat will require a multi-layered approach from both HR and recruiting teams in addition to IT.

Risk astute leadership: Converting intelligence into actionable controls
In this Help Net Security video, John deCraen, Associate Managing Director at Kroll, talks about leveraging threat intelligence to inform actionable controls.

MI-X: Open source project helps you understand whether you are exploitable
In this Help Net Security video, Ofri Ouzan, Security Researcher at Rezilion, talks about MI-X (Am I Exploitable?), an open source tool aimed at effectively determining whether a local host or a running container image is truly vulnerable to a specific vulnerability by accounting for all factors which affect actual exploitability.

Phishing campaign targets Coinbase wallet holders to steal cryptocurrency in real-time
In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a multilayered phishing campaign targeting cryptocurrency exchange Coinbase.

How AI and cybersecurity complement each other
In this Help Net Security video, Taylor Hersom, CEO at Eden Data, discusses why we need AI and how it helps minimize human error, as well as cybersecurity threats such as ransomware.

Now is the time to focus on software supply chain security improvements
In this Help Net Security video, Kevin Bocek, VP of Security Strategy and Threat Intelligence, Venafi, discusses how CIOs are becoming increasingly concerned about the serious business disruptions, revenue loss, data theft, and customer damage that can result from successful software supply chain attacks.

Machine learning creates a new attack surface requiring specialized defenses
In this interview for Help Net Security, Christopher Sestito, CEO of HiddenLayer, talks about machine learning security considerations, and the related threats organizations should be worried about.

eBook: Privileged Access Management for Dummies
This free 24-page book gives you a practical understanding of Privileged Access Management and its security implications.

Test your security configuration with a free assessment tool from CIS
CIS-CAT Lite is the free assessment tool developed by the CIS (Center for Internet Security), which helps users implement secure configurations for multiple technologies. With unlimited scans available via CIS-CAT Lite, your organization can download and start implementing CIS Benchmarks in minutes.

SimpleRisk: Enterprise risk management simplified
In this Help Net Security video, CEO/CISO Josh Sokol showcases SimpleRisk, a fully integrated GRC platform that can be used for all of your governance, risk management, and compliance needs.

New infosec products of the week: August 5, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Claroty, Fortinet, Qualys, Scrut Automation, Sony, and VIPRE Security.

Infosec products of the month: July 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Aqua Security, Cato Networks, CertiK, CoSoSys, CyberArk, Darktrace, Deloitte, EnGenius, Flashpoint, Fusion Risk Management, G-Core Labs, Kingston Digital, LogRhythm, N-able, NetApp, Orca Security, Persona, Rafay Systems, RangeForce, Rapid7, Resecurity, Runecast, Socura, and Teleport.