CyberSecurity SEE

Week in Review: Malware Delivery via Microsoft Teams, Law Firms Targeted by Cyberattacks, Introduction of CVSS 4.0

Last week was filled with interesting news, articles, interviews, and videos from the cybersecurity world. Let’s take a closer look at some of the highlights:

David Christensen, the CISO of PlanSource, shared his perspective on why boards often fail to fully grasp the risks associated with cyber attacks. In an interview with Help Net Security, Christensen proposed strategies to help board members understand and acknowledge the broader implications of cybersecurity risk management, strategy, and governance within an organization.

In another interview, Anna Knizhnik, Director of Product Management for Cloud AI at Google Cloud, discussed how Google Cloud’s AML AI is redefining the fight against money laundering. Knizhnik explained how their technology outperforms existing systems, reduces operational costs, enhances governance, and improves the customer experience by minimizing false positives and compliance verification checks.

Rockwell Automation, a leading industrial automation company, addressed two vulnerabilities in the communication modules of its ControlLogix industrial programmable logic controllers (PLCs). The vulnerabilities, identified as CVE-2023-3595 and CVE-2023-3596, were fixed before any in-the-wild exploitation could occur.

Chinese hackers made headlines by forging authentication tokens to breach government emails. These hackers gained unauthorized access to email accounts by utilizing authentication tokens they had forged using a Microsoft account (MSA) consumer signing key.

Microsoft released its July 2023 Patch Tuesday updates, delivering a total of 130 patches. Among them were fixes for four vulnerabilities that were actively exploited by attackers. However, a patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability targeted at defense and government entities in Europe and North America, was notably absent.

Apple also released an emergency fix for an actively exploited zero-day vulnerability (CVE-2023-37450) affecting iPhones, iPads, and Macs. The release of Rapid Security Response updates aimed to address this critical security issue promptly.

Meta’s new microblogging platform Threads gained momentum, attracting attention and enthusiasm. However, some individuals exploited the fact that the app couldn’t officially serve users in certain regions, including the European Union, China, and Russia.

In a concerning incident, organized criminal groups exploited a flaw in Revolut’s payment systems, resulting in the theft of over $20 million. According to the Financial Times, these groups took advantage of the vulnerability to make off with significant sums of money belonging to the company.

A new tool was released that automates the delivery of malware to Microsoft Teams users. This tool enables external attackers to target employees’ Microsoft Teams inboxes easily, raising concerns about the security of this popular collaboration platform.

A cyberattack targeting Australian law firm HWL Ebsworth made headlines in April 2023. The attack potentially compromised the data of hundreds of clients and dozens of government agencies, highlighting the ongoing threat posed by cybercriminals to law firms and sensitive information.

As the reliance on generative AI tools like ChatGPT increases, so does the utilization of these systems by cybercriminals for malicious purposes. Acronis reported a surge in email-based phishing attacks that leverage AI technology to craft sophisticated and convincing content.

With summer in full swing, cybersecurity best practices for remote work during this season were discussed in a video interview with Jeremy Ventura, Director of Security Strategy & Field CISO at ThreatX. The discussion emphasized the need for employees to be cautious when accessing corporate data using personal devices, as these devices may provide an entry point for cybercriminals.

The ransomware crime industry continues to evolve, with attackers now able to purchase effective malware, infrastructure, and phishing campaigns. These developments make it increasingly difficult to identify the real culprits behind security incidents.

The White House published the National Cybersecurity Strategy Implementation Plan (NCSIP) as part of its efforts to protect critical infrastructure, develop clean energy sectors, and strengthen America’s technology and manufacturing base. This plan, along with other major Administration initiatives, aims to safeguard investments in various sectors.

Brianna McGovern, Product Manager for Attack Surface Management at NetSPI, delved into the topic of Attack Surface Management in a video interview. The discussion highlighted the importance of identifying and protecting the unknown areas of an organization’s digital infrastructure to maintain robust cybersecurity defenses.

The shift towards passwordless authentication has been widely acknowledged as the future of secure access. However, organizations face significant change management challenges when implementing this new authentication method.

The latest version of the Common Vulnerability Scoring System (CVSS 4.0) was unveiled by FIRST. This updated system will help assess the real-time threat and impact of vulnerabilities, offering security professionals a more accurate way to prioritize and address potential risks.

Ransomware attacks continue to pose a significant threat, with Zscaler reporting a 37% increase in attacks compared to the previous year. The average ransom demand reached $5.3 million, while enterprise ransom payments exceeded $100,000 on average.

According to a survey by SpyCloud, security leaders are particularly concerned about attacks that leverage malware to exfiltrate authentication data. Over 53% expressed extreme concern about this type of attack, reflecting the growing emphasis on safeguarding authentication credentials.

Cloud security remains a major concern, with Thales reporting that 39% of businesses experienced a data breach in their cloud environment last year. This uptick in breaches highlights the need for robust security measures to protect sensitive data stored in the cloud.

Critical security vulnerabilities were discovered in two open-source platforms, Owncast and EaseProbe, both written in Go. Oxeye, the organization that uncovered the vulnerabilities, urges immediate action to mitigate the risks associated with these flaws.

For those interested in pursuing a career in cybersecurity, Help Net Security released the Ultimate Guide to Certified in Cybersecurity (CC). This guide covers everything aspiring professionals need to know about this entry-level credential recognized by organizations worldwide.

Finally, new infosec products released during the week included offerings from Fidelis Cybersecurity, Hubble, NETSCOUT, Regula, and WatchGuard. These products promise innovative solutions to address the evolving challenges of cybersecurity.

Throughout last week, the cybersecurity landscape witnessed various developments, ranging from interviews with industry experts to the discovery of critical vulnerabilities and the release of new products. These events underscore the ongoing need for robust cybersecurity measures to mitigate risks and protect organizations from ever-evolving threats.
