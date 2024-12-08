Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)

Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine.

December 2024 Patch Tuesday forecast: The secure future initiative impact

It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the patches we’ve needed to deal with on Patch Tuesdays (and in between).

$400M seized, 5,500 arrested in global operation targeting cyber fraud

A coordinated international operation involving law enforcement agencies from 40 countries led to the arrest of over 5,500 individuals linked to financial crimes and the confiscation of more than $400 million in virtual assets and government-backed currencies.

Windows, macOS users targeted with crypto-and-info-stealing malware

Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and cryptocurrency-stealing malware.

SafeLine: Open-source web application firewall (WAF)

SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks.

How to choose secure, verifiable technologies?

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services (SaaS, MSP services).

Building a robust security posture with limited resources

In this Help Net Security interview, Gareth Lindahl-Wise, CISO at Ontinue, discusses how business leaders can align innovation with cybersecurity, tackle the risks posed by legacy systems, and build defenses for startups.

Mitel MiCollab zero-day and PoC exploit unveiled

A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed up by releasing a proof-of-concept (PoC) exploit that chains together this zero-day file read vulnerability with CVE-2024-41713, which allows attackers to bypass authentication.

How the Shadowserver Foundation helps network defenders with free intelligence feeds

In this Help Net Security interview, Piotr Kijewski, CEO of The Shadowserver Foundation, discusses the organization’s mission to enhance internet security by exposing vulnerabilities, malicious activity, and emerging threats.

8 US telcos compromised, FBI advises Americans to use encrypted communications

FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from threat actors that have – and will – burrow into the networks and systems of US telecommunication companies.

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks

In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle.

Solana’s popular web3.js library backdoored in supply chain compromise

A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry.

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams

Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives companies complete control over their data.

How widespread is mercenary spyware? More than you think

A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope.

Treat AI like a human: Redefining cybersecurity

In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools.

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises.

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses.

Police takes down Matrix encrypted chat service used by criminals

A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created for criminals.

Preparing for Q-day: The essential role of cloud migration in securing enterprise data

As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.”

Phishers send corrupted documents to bypass email security

Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents.

5 reasons to double down on network security

Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies.

US government, energy sector contractor hit by ransomware

ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers.

Building trust in tokenized economies

In this Help Net Security video, Jeremy Bradley, COO of Zama, explores the emerging privacy-preserving technologies that can help solve this challenge, focusing on Fully Homomorphic Encryption (FHE), which enables data to remain encrypted even during processing, positioning it as a potential cornerstone for secure, decentralized environments.

65% of office workers bypass cybersecurity to boost productivity

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk.

The shocking speed of AWS key exploitation

It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them.

Best practices for staying cyber secure during the holidays

In this Help Net Security video, Sean Tufts, managing partner for critical infrastructure and operational technology at Optiv, discusses best practices for keeping businesses secure amidst a barrage of threats during the holiday season.

70% of open-source components are poorly or no longer maintained

The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje.

AWS offers incident response service

Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR).

How AI is transforming human risk management

In this Help Net Security video, Bret Fund, SVP and General Manager at Infosec Institute, discusses how human risk management should be at the core of an organization’s risk management strategy, especially in the age of AI.

Data scientists create tool to spot fake images

Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye.

New infosec products of the week: December 6, 2024

Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza.