Week in review: Uber hacked, QNAP NAS devices under attack, 5 Kali Linux books to read this year

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability the attackers are exploiting (CVE-2022-27593).

5 Kali Linux books you should read this year
Kali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering. Here is a selection of books for different experience levels: you can either start from scratch or get advanced tips – there’s something for everyone.

Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild.

U-Haul reports data breach, customers’ info exposed
U.S. moving and storage rental company U-Haul has suffered a data breach due to an unauthorized person having accessed an unspecified number of rental contracts, U-Haul’s parent company Amerco revealed last week.

Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by attackers.

Phishers take aim at Facebook page owners
Phishers are looking to trick owners of Facebook pages with fake notices from the social network (i.e., Meta, the company behind Facebook, Instagram and WhatsApp), in an attempt to get them to part with sensitive information.

US government software suppliers must attest their solutions are secure
The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software development practices and whose developers follow practices for software supply chain security, as specified by the National Institute of Standards and Technology (NIST).

Uber hacked, attacker tears through the company’s systems
Uber has been hacked, again – this time by an 18-year-old (allegedly), who claims to have gotten in by social-engineering an Uber employee.

Attackers mount Magento supply chain attack by compromising FishPig extensions
FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected with malware after its distribution server was compromised.

Building a successful cybersecurity business, one client at a time
In this Help Net Security interview, Rahul Sasi, founder and CEO of CloudSEK, talks about the challenges of building CloudSEK, his journey in the cybersecurity industry, and discusses lessons learned along the way.

Homeworkers putting home and business cyber-safety at risk
BlackBerry published European research exposing the cybersecurity risk created by cost-conscious homeworkers who rank security behind price, usability and ease of setup when purchasing domestic smart devices.

Bad bots are coming at APIs! How to beat the API bot attacks?
API or Application Programming Interface is a de facto building block for modern-day applications, necessary for both building and connecting applications and websites. But APIs are poorly protected and have become one of the prime targets for attacks, especially bot attacks.

MSPs and cybersecurity: The time for turning a blind eye is over
Results of a Vade report highlight the prevalence of Managed Service Providers (MSPs), with 96% of organizations either currently outsourcing at least some of their needs to MSPs or planning to do so in the future. The report also analyzes the successes and pitfalls of email security solutions and where MSPs may have an opportunity to reach into the market.

Modernizing data security with a zero trust approach to data access
In a world where we can no longer trust anyone, zero trust security has picked up momentum, especially since 2018 when NIST published Implementing a Zero Trust Architecture. With breaches at an all-time high and ever-increasing sophistication in cyberattacks, it is no wonder that Gartner estimates that by the end of 2022 spending on zero trust will hit $891.9 million, and projects that by 2026 it will reach $2 billion.

How prepared are organizations to tackle ransomware attacks?
HYCU has announced its State of Ransomware Preparedness report in partnership with ActualTech Media, which reveals that ransomware is an unavoidable risk for businesses, which is why ransomware preparedness is a top priority.

Thwarting attackers in their favorite new playground: Social media
For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site has provided a fertile field to harvest data and enhance criminal tactics, even as a jumping point to other platforms like Facebook Business.

Organizations should fear misconfigurations more than vulnerabilities
Censys launched its State of the Internet Report, a holistic view into internet risks and organizations’ exposure to them. Through careful examination of which ports, services, and software are most prevalent on the internet and the systems and regions where they run, the research team discovered that misconfigurations and exposures represent 88% of the risks and vulnerabilities across the internet.

Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy
While Quantum Day, or “Q-Day,” may be five to ten years away, it is arriving faster than we would like. Q-Day represents the day that quantum computers will reliably use the superpositioning power of multi-state qubits to break encryption algorithms that are widely used around the world to enable e-commerce, data security and secure communications. Adversaries are already preparing for Q-Day by employing “collect now, decrypt later” strategies.

CFOs’ overconfidence in cybersecurity can cost millions
Kroll announced its report, Cyber Risk and CFOs: Over-Confidence is Costly, which found chief financial officers (CFOs) to be woefully in the dark regarding cybersecurity, despite confidence in their company’s ability to respond to an incident.

How to improve public sector’s security strategy?
With international tensions heightened as we enter month eight of the war between Russia and Ukraine, it’s clear that a new era of intensifying state-sponsored attacks is upon us, especially those targeting public sector agencies and services.

SMBs are hardest-hit by ransomware
Coalition announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealing that small businesses have become bigger targets, overall incidents are down, and ransomware attacks are declining as demands go unpaid.

Linux variant of the SideWalk backdoor discovered
ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group.

Why shift left is burdening your dev teams
Security and compliance challenges are a significant barrier to most organizations’ innovation strategies, according to CloudBees. The survey also reveals agreement among C-suite executives that a shift left security strategy is a burden on dev teams.

Report: Benchmarking security gaps and privileged access
Get the full copy of Global Survey of Cybersecurity Leaders: Benchmarking Security Gaps & Privileged Access to benchmark your own security journey. Within, you’ll also find insights to put the research into context. Expert recommendations shed light on where you should be spending your time and give you a head start on planning your next moves.

New infosec products of the week: September 16, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Kingston Digital, Avetta, D3 Security, novoShield, and Socure.



