Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Advanced ransomware campaigns expose need for AI-powered cyber defense
In this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, discusses emerging trends in ransomware attacks, emphasizing the need for businesses to use advanced AI technologies, such as deep learning (DL), for prevention rather than just detection and response.

SessionProbe: Open-source multi-threaded pentesting tool
SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications.

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!
OffSec (previously Offensive Security) has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform.

Microsoft will offer extended security updates for Windows 10
Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able to receive Extended Security Updates (ESU), but will have to pay for them.

Researchers automated jailbreaking of LLMs with other LLMs
AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an automated fashion.

Short-term AWS access tokens allow attackers to linger for a longer while
Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories.

New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164).

Booking.com customers targeted in hotel booking scam
Scammers are hijacking hotels’ Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information.

CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities
Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers (PLCs), US and Israeli authorities have said in a joint cybersecurity advisory.

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned.

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)
Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared.

Atlassian fixes four critical RCE vulnerabilities, patch quickly!
Atlassian has released security updates for four critical vulnerabilities (CVE-2023-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523) in its various offerings that could be exploited to execute arbitrary code.

Meta introduces default end-to-end encryption for Messenger and Facebook
Meta is introducing default end-to-end encryption (E2EE) for chats and calls across Messenger and Facebook, the company revealed on Wednesday.

Put guardrails around AI use to protect your org, but be open to changes
Artificial intelligence (AI) is a topic that’s currently on everyone’s minds. While in some industries there is concern it could replace workers, other industries have embraced it as a game-changer for streamlining processes, automating repetitive tasks, and saving time.

The AI readiness race and where global companies stand
In this Help Net Security video, Dave Lewis, Advisory CISO at Cisco, helps companies understand their level of readiness.

OpenTofu: Open-source alternative to Terraform
OpenTofu is an open-source alternative to Terraform’s widely used Infrastructure as Code provisioning tool.

How AI is revolutionizing “shift left” testing in API security
API security testing poses a more complex problem because APIs are based on various technologies (GraphQL, REST, etc.), business functions (sensitive or non-sensitive data exposure), and other factors.

Exploring the impact of generative AI in the 2024 presidential election
In this Help Net Security video, Ryan Maltzen, Cybersecurity Architect at Fortra, discusses how, in past elections, this was more largely a manual process than we should expect with the rise of generative AI and other tools that seem well-positioned to have impacts in this space.

21 high-risk vulnerabilities in OT/IoT routers found
Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements.

Three security data predictions for 2024
How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more?

Why zero-trust segmentation is critical for cloud resilience
In this Help Net Security video, John Kindervag, zero trust creator and Chief Evangelist at Illumio, discusses how organizations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimize opportunities afforded by the cloud.

2024 brings changes in data security strategies
2024 will be a revolutionary year for the data security landscape as Data Security Posture Management (DSPM) technology rapidly evolves to keep pace with the colossal amount of data being created, stored and shared within organizations and across business sectors, according to Metomic.

Ransomware in 2024: Anticipated impact, targets, and landscape shift
Government pressure will force some ransomware groups to disband or law enforcement will catch principal bad actors, but affiliates can attach themselves to other groups

Using AI and automation to manage human cyber risk
In this Help Net Security video, John Scott, Lead Cybersecurity Researcher at CultureAI, discusses how integrating AI and automation into your cybersecurity strategy can improve employee behaviors and reduce security incidents.

Aim for a modern data security approach
Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline

December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance
The final Patch Tuesday of the year is almost upon us! This is the time of year when we want to relax and enjoy the holidays, but we need to be extra vigilant to detect and respond to suspicious activity.

eBook: Defending the Infostealer Threat
Enterprises’ increasing digital reliance has fueled an array of cybersecurity threats. One rapidly growing area is information-stealing malware known as infostealers, which is malicious software designed to steal data.

Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM
Apiiro goes beyond the basics, using native code-to-runtime context to unify risk visibility, assessment, prioritization, and governance across applications and software supply chains.

New infosec products of the week: December 8, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Daon, Global Integrity, Living Security, Panther Labs, Searchlight Cyber, and Varonis.
