Week in review: PaperCut vulnerabilities, VMware fixes critical flaws, RSA Conference 2023

The week in security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

RSA Conference 2023
RSA Conference 2023 took place at the Moscone Center in San Francisco. Check out our microsite for related news, photos, product releases, and more.

Overcoming industry obstacles for decentralized digital identities
In this Help Net Security interview, Eve Maler, CTO at ForgeRock, talks about how digital identities continue to play a critical role in how we access online services securely. Maler also highlights the challenges encountered by various industries in implementing decentralized digital identities.

PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates
Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers.

Common insecure configuration opens Apache Superset servers to compromise
An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered.

3CX breach linked to previous supply chain compromise
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture.

GitHub introduces private vulnerability reporting for open source repositories
GitHub has announced that its private vulnerability reporting feature for open source repositories is now available to all project owners.

Google Authenticator updated, finally allows syncing of 2FA codes
Google has updated Google Authenticator, its mobile authenticator app for delivering time-based one-time authentication codes, and now allows users to sync (effectively: back up) their codes to their Google account.

VMware fixes critical flaws in virtualization software (CVE-2023-20869, CVE-2023-20870)
VMware has fixed one critical (CVE-2023-20869) and three important flaws (CVE-2023-20870, CVE-2023-20871, CVE-2023-20872) in its VMware Workstation and Fusion virtual user session software.

Google adds new risk assessment tool for Chrome extensions
Google has made available a new tool for Google Workspace admins and security teams to make an assessment of the risk different Chrome extensions may present to their users: Spin.AI App Risk Assessment.

VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)
VMware has fixed two vulnerabilities (CVE-2023-20864, CVE-2023-20865) in VMware Aria Operations for Logs (formerly vRealize Log Insight), a widely used cloud solution for log analysis and management.

The silent killers in digital healthcare
As digital transformation revolutionizes the healthcare industry, its use of API (application programming interfaces) technology is skyrocketing.

Over 70 billion unprotected files available on unsecured web servers
Critical exposures outside of an organization’s firewall are the greatest source of cybersecurity threats, according to CybelAngel.

How CISOs navigate security and compliance in a multi-cloud world
In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix discusses how in today’s complex multi-cloud landscape, the role of CISOs is more crucial than ever.

Are you ready for PCI DSS 4.0?
In just under a year’s time, organizations will have had to comply with several new requirements under version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS).

Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos.

Securing the rapidly developing edge ecosystem
In this Help Net Security video interview, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, discusses the 12th annual Cybersecurity Insights Report, released at RSA Conference 2023.

Generative AI and security: Balancing performance and risk
Are we moving too fast with AI? This is a central question both inside and outside the tech industry, given the recent tsunami of attention paid to ChatGPT and other generative AI tools.

Unlocking the passwordless era
Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new technology that simplifies their lives, according to 1Password.

Why juice jacking is overhyped
In this Help Net Security video, Candid Wuest, VP of Global Research at Acronis, shares his insights into why juice jacking attacks are not easy for attackers – and why the actual risk for consumers is using public Wi-Fi networks.

The double-edged sword of generative AI
Before sophisticated models like ChatGPT were publicly available, organized disinformation campaigns required significantly more resources to function. For serious operations, multiple individuals were required to run campaigns effectively.

AI tools help attackers develop sophisticated phishing campaigns
Phishing scams are a growing threat, and cybercriminals’ methods are becoming increasingly sophisticated, making them harder to detect and block, according to Zscaler report.

Corporate boards pressure CISOs to step up risk mitigation efforts
While those working in InfoSec and GRC have high levels of confidence in their cyber/IT risk management systems, persistent problems may be making them less effective than perceived, according to RiskOptics.

New coercive tactics used to extort ransomware payments
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry agnostic threat, according to GuidePoint Security.

The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming organizations, according to Lineaje.

Study of past cyber attacks can improve organizations’ defense strategies
Ransomware operators have been increasingly launching frequent attacks, demanding higher ransoms, and publicly exposing victims, leading to the emergence of an ecosystem that involves access brokers, ransomware service providers, insurance providers, and ransom negotiators, according to Deepwatch.

CISOs: unsupported, unheard, and invisible
A study conducted among CISOs worldwide from various industries sheds light on their strategies amid a challenging threat environment, identifies obstacles from business functions, and highlights their requirements for achieving success.

How product security reached maturity
Slava Bronfman, Co-Founder & CEO of Cybellum discusses his experience in watching the product security sector mature over the last decade in the recent episode of Left to our Own Devices podcast.

eBook: Security Compliance for CISOs
Security compliance often feels like the ever-present task that looms over every angle of your role as Chief Information Security Officer. Yet, regardless of the hours spent managing it, something can always slip through the cracks.

New infosec products of the week: April 28, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Abnormal Security, Arista Networks, Cyera,
Eclypsium, Halo Security, Immuta, ManageEngine, and Traceable AI.

More about

Don't miss