Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Unlocking internet’s secrets via monitoring, data collection, and analysis
In this Help Net Security interview, Ryan Woodley, CEO of Netcraft, discusses the importance of monitoring, collecting, and analyzing internet data to gain a profound understanding of the internet.
Preparing health systems for cyber risks and insurance coverage
In this Help Net Security interview, Dennis Fridrich, VP of Cybersecurity at TRIMEDX, delves into the hidden costs of cyberattacks on health systems, the role of insurers in promoting cybersecurity preparedness, and how organizations can better manage their cyber risk.
Exploring the persistent threat of cyberattacks on healthcare
In this Help Net Security interview, Brett Harris, Cybersecurity Officer for the Americas at Siemens Healthineers, discusses the long-term impacts of cyberattacks on healthcare institutions and what healthcare providers can do to protect patients’ personal data and medical devices.
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)
An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin accounts and take over vulnerable instances, MDSec researchers Juan Manuel Fernández and Sean Doherty have found – and have released a PoC exploit for it.
8Base ransomware group leaks data of 67 victim organizations
Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base and Akira are rising in prominence.
MOVEit compromise affects pension systems, insurers
The compromise of PBI Research and The Berwyn Group’s MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies – and millions of their users.
5 free online cybersecurity courses you should check out
5 free online cybersecurity courses you should check out: Cryptography, Networks and Communications Security, Security Awareness Training, Security Operations and Administration, and Systems and Application Security.
How hardening Microsoft 365 tenants mitigates potential cloud attacks
In this Help Net Security video, Aaron Turner, IANS Faculty and SaaS CTO at Vectra AI, discusses how hardening Microsoft 365 tenants can reduce the chances of a disastrous cloud attack.
Widespread BEC attacks threaten European organizations
European organizations experienced a greater volume and frequency of BEC attacks over the last year, as compared to organizations in the United States, according to Abnormal Security.
A deep-dive demo of NetSPI’s Attack Surface Management (ASM) platform
Learn how NetSPI’s always-on solution allows companies to improve visibility, inventory, and understanding of known and unknown assets and exposures on their global attack surface and distill signal from noise.
95% fear inadequate cloud security detection and response
Although numerous respondents acknowledged employing risky practices and behaviors within their cloud environments, they strongly believe in the effectiveness of their security tools and processes to safeguard their organizations against meticulously planned attacks, according to Permiso.
How cyber insurance empowers CISOs
In this Help Net Security video, Fawaz Rasheed, Field CISO at VMware, discusses how cyber insurance remains the high tide that rises ships.
Uncovering attacker tactics through cloud honeypots
Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent need for comprehensive cloud security, according to Orca Security.
The magic formula for big data companies to outshine the competition
In this Help Net Security video, Shane Shook, Venture Partner at Forgepoint Capital, believes it takes more than just cutting-edge technology to rise above the noise and discusses the magic formula for data companies to conquer the competition.
Global rise in DDoS attacks threatens digital infrastructure
In 2022, the total number of DDoS attacks worldwide increased by 115.1% over the amount observed in 2021, according to Nexusguard.
Micropatches: What they are and how they work
In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem.
Popular generative AI projects pose serious security threat
Many popular generative AI projects are an increased security threat and open-source projects that utilize insecure generative AI and LLMs also have poor security posture, resulting in an environment with substantial risk for organizations, according to Rezilion.
Guide: Attack Surface Management (ASM)
ASM complements pentesting because it brings an always-on approach to discovering attack surface exposures, validating the impact, and prioritizing updates.
New infosec products of the week: June 30, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cequence Security, Delinea, Index Engines, and NetApp.