Week in review: Cisco hacked, Kali Linux 2022.3 released, Black Hat USA 2022
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Understanding your attack surface is key to recognizing what you are defending
In this interview with Help Net Security, Marc Castejon, CEO at Silent Breach, discusses what organizations should be worried about at the moment, and what technologies they should focus on in the near future.
The challenges of managing the modern external attack surface
In this interview for Help Net Security, Kunal Modasiya, VP of Product Management at Qualys, discusses how the new component, integrated into CyberSecurity Asset Management 2.0, adds the external attacker view to identify previously unknown internet-facing assets for a complete and accurate picture of the enterprise attack surface.
Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited (CVE-2022-34713) and one not yet (CVE-2022-30134).
Twilio confirms data breach after its employees got phished
Cloud communications company Twilio has announced that some of its employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data.
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform.
Cisco has been hacked by a ransomware gang
U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site.
Identity is the killer context: 4 ways to stay in control
In an era when people are working from cafes, sheds, bedrooms and anywhere else they can get some peace and an internet connection, identity is often hailed as the new perimeter. In fact, it is context that represents today’s perimeter, with identity providing the killer context.
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos.
Why SAP systems need to be brought into the cybersecurity fold
SAP systems are highly attractive targets for threat actors, storing highly valuable information such as personal data, financial data, and business-critical intellectual property.
What Black Hat USA 2022 attendees are concerned about
Black Hat released its Supply Chain and Cloud Security Risks Are Top of Mind survey. The report highlights important findings from more than 180 experienced cybersecurity professionals who reported concerns over attacks against cloud services, ransomware and the growing risks to the global supply chain.
Could criminalizing ransomware payments put a stop to the current crime wave?
In this Help Net Security video, Charl van der Walt, Head of Security Research, Orange Cyberdefense, discusses whether criminalizing ransomware payments could quell the current crime wave by cutting off the flow of funds that motivates cybercriminals.
Which malware delivery techniques are currently favored by attackers?
A wave of cybercriminals spreading malware families – including QakBot, IcedID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for email malware delivery.
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
In this Help Net Security video, Jeswin Mathai, Chief Architect, Lab Platform at INE, showcases AWSGoat, a vulnerable by design infrastructure featuring OWASP Top 10 web application security risks and other misconfigurations based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS.
Dissecting Google’s Titan M chip: Vulnerability research challenges
In this Help Net Security video, Damiano Melotti, Security Researcher, Quarkslab, talks about the vulnerability research challenges encountered while exploring Google’s Titan M chip.
Data privacy regulation a top three challenge for IoT adopters
Fears over security have become less of a concern for organizations adopting IoT solutions than they were five years ago, according to a recent study by Wi-SUN Alliance, a global member-based association of industry leading companies driving the adoption of interoperable wireless solutions for use in smart cities, smart utilities, IoT and industrial IoT (IIoT) applications.
Real-world threat response: What are organizations doing wrong?
In this video interview with Help Net Security, Stephanie Aceves, Sr. Director of Threat Response, Product Management at Tanium, talks about what organizations are doing wrong when it comes to threat response.
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking Cyber Risk and Readiness report has shown.
Implementing zero trust for a secure hybrid working enterprise
In this Help Net Security video, Kevin Peterson, Cybersecurity Strategist at Xalient, provides an overview of the early days of zero trust, illustrates where we are today, and offers tips for implementing zero trust for a secure hybrid working enterprise.
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content.
How bad actors are utilizing the InterPlanetary File System (IPFS)
In this Help Net Security video, Karl Sigler, Senior Security Research Manager at Trustwave, talks about how the decentralized P2P network of IPFS makes it the perfect breeding ground for threat actors transferring and storing data – even if the server or network is shut down, the data remains accessible.
Malicious PyPI packages drop ransomware, fileless malware
In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, discusses newly found PyPI packages that pack ransomware, and another package that appears to be safe but silently drops fileless malware to mine cryptocurrency (Monero) on the infected system – all while evading detection.
5 key things we learned from CISOs of smaller enterprises survey
As business begins its return to normalcy (however “normal” may look), CISOs at small and medium-size enterprises (500 – 10,000 employees) were asked to share their cybersecurity challenges and priorities, and their responses were compared with those of a similar survey from 2021.
New infosec products of the week: August 12, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Concentric, Cymulate, Deepfence, Halo Security, NetRise, SimSpace, and Traceable AI.