Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation

Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)
The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA).

North Korean hackers targeted tech companies through JumpCloud and GitHub
North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign.

Using AI/ML to optimize your tech stack and enhance business efficiency
In this Help Net Security interview, Arthur Hu, SVP, Global CIO and Services & Solutions Group CTO at Lenovo, discusses how AI/ML is optimizing tech stacks, the hurdles anticipated in its integration, the role of AI in enterprise resilience and agility, and strategic approaches to innovation despite budget constraints.

CISOs under pressure: Protecting sensitive information in the age of high employee turnover
In this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs, talks about how zero trust principles, identity access management, and managed security services are crucial for effective cybersecurity, and how implementation of new technologies like AI, machine learning, and tracking tools can enhance supply chain security.

12 open-source penetration testing tools you might not know about
Red Siege has developed and made available many open-source tools to help with your penetration testing work.

Thanks Storm-0558! Microsoft to expand default access to cloud logs
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced.

Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)
Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers.

Microsoft Exchange servers compromised by Turla APT
Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them.

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)
Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is a zero-day being exploited by attackers.

VirusTotal leaked data of 5,600 registered users
VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users.

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)
A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers.

Cybersecurity measures SMBs should implement
Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize.

Why data travel is healthcare’s next big cybersecurity challenge
Do you know where your patients’ data lives once it’s in the cloud? Unfortunately, for many healthcare organizations, the answer is no – or, at least, it’s not a definitive yes.

Real-world examples of quantum-based attacks
In this Help Net Security video, Tommaso Gagliardoni, Global Practice Lead in Quantum Security at Kudelski Security, discusses quantum-based attacks.

67% of daily security alerts overwhelm SOC analysts
Today’s security operations (SecOps) teams are tasked with protecting progressively sophisticated, fast-paced cyberattacks, according to Vectra AI.

Trends in ransomware-as-a-service and cryptocurrency to monitor
While most cryptocurrency is traceable, many ransomware operators perform their misdeeds from countries with governments who tend to look the other way, especially if the attacks don’t target the country they are operating from

What to do (and what not to do) after a data breach
In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security, discusses what we should do – and not do – in the wake of a data breach.

Healthcare organizations in the crosshairs of cyberattackers
In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave.

A fresh look at the current state of financial fraud
In this Help Net Security video, Greg Woolf, CEO at FiVerity, discusses how the emergence of sophisticated fraud tools powered by AI and recent upheavals in the banking sector have forged an ideal environment for financial fraud.

Growing scam activity linked to social media and automation
The average number of scam resources created per brand across all regions and industries more than doubled year-on-year in 2022, up 162%, according to Group-IB.

How healthcare organizations should measure their device security success
In this Help Net Security video, Chris Westphal, Head of Product Marketing at Ordr, discusses how healthcare organizations should measure their device security success and where they should be concentrating their future security investments.

Data compromises on track to set a new record
The number of data compromises reported in the U.S. in the H1 of 2023 is higher than the total compromises reported every year between 2005 and 2020, except for 2017, according to Identity Theft Resource Center.

eBook: 9 Ways to Secure Your Cloud App Dev Pipeline
In this guide Uptycs and Lee Atchison, renowned cybersecurity thought leader, team up to suggest 9 proven security measures designed to enhance the security posture of all applications involved in your deployment process.

Growing a 15,000 strong automotive cybersecurity group with John Heldreth
Instead of trying to find solutions in a siloed manner, the automotive industry should have a place to collaborate, network, and take action against the rise in cyber threats targeted at their vehicles.

New infosec products of the week: July 21, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Code42, ComplyAdvantage, Diligent, Privacera, and Tenable.

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS
More about

Don't miss