Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware

Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Transitioning to memory-safe languages: Challenges and considerations
In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses the evolution of memory-safe programming languages and their emergence in response to the limitations of languages like C and C++.

LastPass’ CIO vision for driving business strategy, innovation
Recently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. It was the perfect time for Help Net Security to find out what’s next for Siddiqui in his new role and how he plans to bridge the gap between business objectives and technological solutions.

Cybersecurity jobs available right now: March 12, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

CloudGrappler: Open-source tool detects activity in cloud environments
CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments.

MobSF: Open-source security research platform for mobile apps
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.

Microsoft: Russian hackers accessed internal systems, code repositories
Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft corporate email systems to burrow into the company’s source code repositories and internal systems.

March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known or actively exploited.

BSAM: Open-source methodology for Bluetooth security assessment
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid.

The effects of law enforcement takedowns on the ransomware landscape
While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware.

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system.

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and someone is attempting to sell a PoC for less than $300 via GitHub.

Tax-related scams escalate as filing deadline approaches
As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams targeting both taxpayers and tax professionals.

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems.

How advances in AI are impacting business cybersecurity
While ChatGPT and Bard have proven to be valuable tools for developers, marketers, and consumers, they also carry the risk of unintentionally exposing sensitive and confidential data.

Email security trends in the energy and infrastructure sector
In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks.

10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and organizations.

How organizations can keep up with shifting data privacy regulations
In this Help Net Security video, Romain Deslorieux, Global Director, Strategic Partnerships at Thales, discusses what companies should be planning based on current regulations and what steps they can take to prepare for the future.

Image-based phishing tactics evolve
While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, according to IRONSCALES and Osterman Research.

The most concerning risks for 2024 and beyond
In this Help Net Security video, Melissa Bischoping, Director, Endpoint Security Research at Tanium, discusses the most concerning risks for 2024 and beyond, from both an internal and external perspective.

Keyloggers, spyware, and stealers dominate SMB malware detections
In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos.

How teams can improve incident recovery time to minimize damages
In this Help Net Security video, Nick Scozzaro, CEO at ShadowHQ, discusses why incident response and disaster recovery processes are flawed and offers advice on how teams can improve incident recovery time to minimize damages.

AI and the future of corporate security
In this Help Net Security video, Tracy Reinhold, CSO at Everbridge, discusses why AI technology must be embraced while also exploring some guardrails that must be in place to protect organizations against threats using AI to penetrate facilities.

Product showcase: How to track SaaS security best practices with Nudge Security
Nudge Security discovers all SaaS apps ever introduced by anyone in your organization and offers automation and orchestration capabilities to make it easy to implement SaaS security best practices.

New infosec products of the week: March 15, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Cynerio, DataDome, Regula, and Tenable.

More about

Don't miss