Date: 2024-11-03

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows users’ NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered.

Black Basta operators phish employees via Microsoft Teams

Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tools by posing as help desk workers, now also via Microsoft Teams.

Google on scaling differential privacy across nearly three billion devices

In this Help Net Security interview, Miguel Guevara, Product Manager, Privacy Safety and Security at Google, discusses the complexities involved in scaling differential privacy technology across large systems.

Phishers reach targets via Eventbrite services

Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets.

How agentic AI handles the speed and volume of modern threats

In this Help Net Security interview, Lior Div, CEO at Seven AI, discusses the concept of agentic AI and its application in cybersecurity.

Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups

A supply chain compromise involving Lottie Player, a widely used web component for playing site and app animations, has made popular decentralized finance apps show pop-ups urging users to connect their wallets, TradingView has reported.

How open-source MDM solutions simplify cross-platform device management

In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device management (MDM) solutions help address them.

North Korean hackers pave the way for Play ransomware

North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group.

Simplifying decentralized identity systems for everyday use

In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital identity systems.

Russian hackers deliver malicious RDP configuration files to thousands

Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file.

Inside console security: How innovations shape future hardware protection

In this Help Net Security interview, security researchers Specter and ChendoChap discuss gaming consoles’ unique security model, highlighting how it differs from other consumer devices.

US charges suspected Redline infostealer developer, admin

The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov.

How isolation technologies are shaping the future of Kubernetes security

In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies.

OpenPaX: Open-source kernel patch that mitigates memory safety errors

OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch.

Police hacks, disrupts Redline, Meta infostealer operations

The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware.

IoT needs more respect for its consumers, creations, and itself

It’s past time for device makers to tighten endpoints and implement secure protocols, better authentication mechanisms, and stronger storage at the edge.

Why cyber tools fail SOC teams

In this Help Net Security video, Mark Wojtasiak, VP of Research and Strategy at Vectra AI, discusses where vendors and tools aren’t owning accountability and how SOCs are shifting strategies to improve their attack signal.

OT PCAP Analyzer: Free PCAP analysis tool

EmberOT’s OT PCAP Analyzer, developed for the industrial security community, is a free tool providing a high-level overview of the devices and protocols in packet capture files.

Risk hunting: A proactive approach to cyber threats

Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, rather than fire suppression experts designing environments that refuse to burn.

Fraudsters revive old tactics mixed with modern technology

Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa.

A good cyber leader prioritizes the greater good

Geopolitical tensions are rising worldwide, attacks are becoming increasingly sophisticated, and nation-state threats on US organizations and critical infrastructure are at an all-time high.

The state of password security in 2024

In this Help Net Security video, John Bennett, CEO at Dashlane, discusses their recent Global Password Health Score Report, detailing the global state of password health and hygiene.

Top 10 strategic technology trends shaping the future of business

The ethical and responsible use of technology is fast becoming part of the mandate for CIOs, as organizations balance the need for progress with the protection of stakeholders’ trust and well-being, according to Gartner.

Adversarial groups adapt to exploit systems in new ways

In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report.

