Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

MOVEit Transfer zero-day attacks: The latest info
Progress Software has updated the security advisory and confirmed that the vulnerability (still without a CVE number) is a SQL injection vulnerability in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.

Penetration tester develops AWS-based automated cracking rig
Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the process and unveils the details of his creation.

The strategic importance of digital trust for modern businesses
In this Help Net Security interview, Deepika Chauhan, CPO at DigiCert, talks about the importance of maintaining high trust assurance levels for businesses in today’s digital landscape.

Navigating cybersecurity in the age of remote work
In this Help Net Security interview, Jay Chaudhry, CEO at Zscaler, talks about connecting and securing remote employees and their devices to access organizational resources from any location.

Threat actors can exfiltrate data from Google Drive without leaving a trace
Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say.

Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Someone is roping Apache NiFi servers into a cryptomining botnet
If you’re running an Apache NiFi instance exposed on the internet and you have not secured access to it, the underlying host may already be covertly cryptomining on someone else’s behalf.

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!
Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform.

Attackers hacked Barracuda ESG appliances via zero-day since October 2022
Barracuda says that the recently discovered compromise of some of its clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of three types of malware and data exfiltration.

Qakbot: The trojan that just won’t go away
Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – was first observed in 2007 and is active to this day.

Why organizations should adopt a cloud cybersecurity framework
As cloud adoption pervades, one of the bigger security and privacy challenges for cloud service customers is having to relinquish a significant amount of control and ownership of their data and infrastructure to cloud service providers (CSPs).

Zyxel patches vulnerability in NAS devices (CVE-2023-27988)
Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users.

How defense contractors can move from cybersecurity to cyber resilience
As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any other country in the world.

How APTs target SMBs
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers.

Company size doesn’t matter when it comes to cyberattacks
65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according to Netwrix.

CISO-approved strategies for software supply chain security
In this Help Net Security video, Tim Mackey, Head of Software Supply Chain Risk Strategy at Synopsys, discusses supply chain security practices and approaches.

Organizations are placing OT cybersecurity responsibility on CISOs
Protecting operational technology (OT) systems is now more critical than ever as more organizations connect their OT environments to the internet, according to Fortinet.

The root causes of API incidents and data breaches
In this Help Net Security video, Jeremy Snyder, CEO of FireTail, talks about the main findings of their State of APIs and API Security in 2023 report.

Organizations spend 100 hours battling post-delivery email threats
Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, according to Barracuda Networks.

Managing mental health in cybersecurity
In this Help Net Security video, Jason Lewkowicz, Chief Services Officer at Optiv, discusses mental health in cybersecurity, which needs more attention.

Generative AI: The new attack vector for trust and safety
Threat actors are abusing generative AI for child sex abuse material (CSAM), disinformation, fraud and extremism, according to ActiveFence.

Disaster recovery challenges enterprise CISOs face
In this Help Net Security video, Chris Groot, General Manager of Cove Data Protection at N-able, discusses enterprise CISOs’ challenges with disaster recovery.

Top public cloud security concerns for the media and entertainment industry
Media and entertainment (M&E) companies are rapidly turning to cloud storage in efforts to upgrade their security measures, according to Wasabi.

Introducing the book: Cybersecurity First Principles
In this Help Net Security video interview, Rick Howard, CSO of N2K, Chief Analyst, and Senior Fellow at the Cyberwire, discusses his book – Cybersecurity First Principles: A Reboot of Strategy and Tactics.

Infosec products of the month: May 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Aqua Security, Axiado, Bitwarden, Cloudflare, ComplyAdvantage, Dashlane, Delinea, Enzoic, Feedzai, Immersive Labs, Intruder, Nebulon, NETSCOUT, Neurotechnology, Nozomi Networks, OpenVPN, Private AI, Radware, Satori, Trua, Vanta, Veriff, and Veza.

New infosec products of the week: June 2, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, ConnectSecure, CYTRACOM, Permit.io, and PingSafe.
