Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote workforces, the negative consequences of ineffective authorization, and how the shift toward cloud transformation affects authentication strategies.

What makes a good ASM solution stand out
In this Help Net Security interview, Patrice Auffret, CTO at Onyphe, explains how the traditional perimeter-based security view is becoming obsolete.

What does optimal software security analysis look like?
In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security.

PoC for no-auth RCE on Juniper firewalls released
Researchers have released additional details about four recently patched vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit.

Easy-to-exploit Skype vulnerability reveals users’ IP address
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret.

Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world.

The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software.

Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances.

Uncovering a privacy-preserving approach to machine learning
In the era of data-driven decision making, businesses are harnessing the power of machine learning (ML) to unlock valuable insights, gain operational efficiencies, and solidify competitive advantage.

Kroll SIM-swap attack: FTX, BlockFi and Genesis clients’ info exposed
Financial and risk advisory firm Kroll has suffered a SIM-swapping attack that allowed a threat actor to access files containing personal information of clients of bankrupt cryptocurrency platforms FTX, BlockFi and Genesis.

Is the cybersecurity community’s obsession with compliance counter-productive?
Cybersecurity spending continues to increase and yet breach incidents are increasing as well.

Ransomware group exploits Citrix NetScaler systems for initial access
A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as an initial foothold into enterprise networks.

Is the new OWASP API Top 10 helpful to defenders?
The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception.

Google launches tool to identify AI-generated images
Google is launching a beta version of SynthID, a tool that identifies and watermarks AI-generated images.

The power of passive OS fingerprinting for accurate IoT device identification
The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased the attack surface.

VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)
VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool.

Apple offers security researchers specialized iPhones to tinker with
Apple is inviting security researchers to apply for its Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties.

How Ducktail capitalizes on compromised business, ad accounts
Quite a bit of money can be made from selling compromised business and ad accounts on social media platforms, and the Ducktail threat actor has specialized in just that.

11 search engines for cybersecurity research you can use right now
Staying ahead in cybersecurity requires constant learning and adaptation.

What true diversity in the cybersecurity industry looks like
In this Help Net Security video, Larry Whiteside, Jr., CISO at RegScale and President of Cyversity, discusses how, now more than ever, the cybersecurity industry needs diversity of thought to address the increasingly complex and technology-driven challenges organizations face.

Velociraptor: Open-source digital forensics and incident response
Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities.

A closer look at the RFI on open-source software security
In this Help Net Security video, Luis Villa, General Counsel at Tidelift, discusses how the RFI is a clear call to open source experts and industry leaders that the best ideas for how the government can make the entire open source ecosystem more healthy and secure are top of mind.

Experts demand clarity as they struggle with cloud security prioritization
Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical category of security tooling in recent years due to the complexity of comprehensively securing multi-cloud environments, according to Cloud Security Alliance.

ChatGPT on the chopping block as organizations reevaluate AI usage
In this Help Net Security video, Arvind Raman, SVP and CISO at BlackBerry, discusses how organizations worldwide are implementing or planning bans on ChatGPT and other generative AI applications within the workplace over cybersecurity concerns.

IT leaders alarmed by generative AI’s SaaS security implications
IT leaders are grappling with anxiety over the risks of generative AI despite continued confidence in their software-as-a-service (SaaS) security posture, according to Snow Software.

The secret habits of top-performing CISOs
69% of top-performing CISOs dedicate recurring time on their calendars for personal professional development, according to Gartner.

New infosec products of the week: September 1, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Ciphertex Data Security, ComplyCube, Fortinet, and MixMode.
