Week in review: Western Digital network security incident, QNAP vulns, Patch Tuesday forecast

The week in security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager guarantees the utmost level of security for businesses, highlights its features in the competitive landscape, sheds light on how Passbolt meets the distinct requirements of teams and organizations, and more.

Rookout’s Snapshots: The fourth pillar of observability for more secure applications
Liran Haimovitch, CTO and co-founder of Rookout, with his extensive background in cybersecurity within the Israeli government, has a unique perspective on the importance of security and its impact on businesses.

Rorschach ransomware deployed by misusing a security tool
An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found.

Flood of malicious packages results in NPM registry DoS
Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also simultaneously and inadvertently launching DoS attacks against the service.

Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been exploited in the wild “in very limited attacks.”

Rilide browser extension steals MFA codes
Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals credentials and can grab multi-factor authentication (MFA) codes.

3CX supply chain attack: What do we know?
Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the Windows and macOS desktop apps (based on the Electron software framework) have been compromised by the attackers.

Western Digital network security incident and service outage
US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a number of the company’s systems and some company data.

Phishing emails from legit YouTube address hitting inboxes
Phishers are targeting YouTube content creators by leveraging the service’s Share Video by Email feature, which delivers the phishing email from an official YouTube email address (no-reply@youtube.com).

Cyber threats organizations should keep an eye on in 2023
In Malwarebytes’ most recent report on the current state of malware, the company has identified several high-profile cyber threats that organizations should be on the lookout for in 2023.

Google Play apps will allow users to initiate in-app account deletion
Google Play will be pushing Android app developers to allow users to delete their account and associated data from within the app.

April 2023 Patch Tuesday forecast: The vulnerability discovery race
The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex.

Millions still exposed despite available fixes
Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and action, according to Rezilion.

Stop online counterfeiters dead in their tracks
In this Help Net Security interview, Nicole Hofmann, CEO at Sentryc, delves into the critical issue of counterfeiting and the detrimental impact it has on industries and brands.

How airlines can embrace IT system modernization
In this Help Net Security video, Jim Jackson, President and CRO of TuxCare, discusses how keeping legacy systems secure requires a modern platform that satisfies compliance requirements while also receiving automated security updates for high and critical vulnerabilities.

How can organizations bridge the gap between DR and cybersecurity?
Breaking down the silos between disaster recovery (DR) and cybersecurity has become increasingly important to ensure maximum business resiliency against outages, data breaches, and ransomware attacks.

Lack of security employees makes SMBs sitting ducks for cyber attacks
For SMBs (and startups in particular), breaches can be devastating, according to DigitalOcean.

How AI is transforming cybersecurity for better and worse
In this Help Net Security video, Matt Aldridge, Principal Solutions Consultant at OpenText Cyber Security, talks about how AI is truly exploding onto the scene in many different ways.

Malware and machine learning: A match made in hell
Deepfakes are probably the first thing that comes to mind when discussing AI’s criminal or malicious use. Nowadays, it’s easy to create realistic images of fake people, and we see them frequently used in romance scams and other fraud cases.

IT and security pros pressured to keep quiet about data breaches
Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in extending security coverage across multiple environments and dealing with an ongoing skills shortage, according to Bitdefender.

The high cost of insecure authentication methods
Insecure authentication is a primary cause of cyber breaches, and that cumbersome login methods take an unacceptable toll on employees and business productivity, according to HYPR.

Shadow data slipping past security teams
The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data breach in 2022, according to Laminar.

The hidden picture of malware attack trends
Despite the decline in network-detected malware in Q4 2022, endpoint ransomware spiked by 627%, while malware associated with phishing campaigns persisted as a threat, according to WatchGuard.

Streamlining cybersecurity decision-making for analysts and CISOs
Using structured, machine-readable data in defensive systems can present a significant challenge. In this Help Net Security interview, Giorgos Georgopoulos, CEO at Elemendar, discusses these challenges and how Elemendar’s application can help cyber analysts and CISOs.

Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud
Resecurity has recently identified the STYX Innovation Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering.

New infosec products of the week: April 7, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Guardz, Malwarebytes, Obsidian Security, and Stamus Networks.

Infosec products of the month: March 2023
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, ForgeRock, GrammaTech, HackNotice, Hornetsecurity, HYPR, Kensington, LOKKER, ManageEngine, Nile, Palo Alto Networks, Persona, ReversingLabs, Tausight, Vectra, Veeam Software, Verosint, Vumetric, Waterfall Security Solutions.

More about

Don't miss