CyberSecurity SEE

Week in Review: Microsoft Confirms DDoS Attacks on M365 and Azure Portal, Infosecurity Europe 2023

Last week was filled with important news, articles, interviews, and videos that focused on various aspects of cybersecurity. From threats facing telecom companies to the significance of zero trust and supply chain security, here’s a roundup of the most notable highlights.

One of the key interviews conducted by Help Net Security featured Georgia Bafoutsou, the Cybersecurity Officer at the European Union Agency for Cybersecurity (ENISA). She delved into the multifaceted threats faced by telecom companies and their stakeholders, including third-party providers and subscribers. Bafoutsou highlighted the common attack vectors used by cybercriminals to target these organizations, emphasizing the need for robust security measures to safeguard sensitive data.

Another interview shed light on how Google is empowering its security and networking solutions with artificial intelligence (AI). Sunil Potti, the GM and VP of Cloud Security at Google Cloud, discussed how AI-powered solutions can enhance security and enable Google’s customers to tackle evolving threats proactively. By leveraging AI, Google aims to stay ahead of the ever-changing threat landscape and provide its customers with effective security solutions.

An interview with Patricia Thaine, CEO at Private AI, explored the compliance challenges businesses face when using ChatGPT in a commercial context. Thaine discussed privacy concerns related to using ChatGPT, as well as the potential risks businesses may face if they fail to protect customer trust. As the use of AI in business settings becomes more prevalent, ensuring data protection and compliance with privacy regulations is crucial.

Infosecurity Europe 2023 also took place last week at ExCeL London. Help Net Security was on-site to cover the event, which brought together industry professionals to discuss the latest trends, innovations, and challenges in cybersecurity. The event provided a valuable platform for networking and knowledge sharing among professionals in the field.

In terms of vulnerabilities and patches, researchers uncovered a vulnerability in Microsoft Teams that could allow attackers to deliver malware directly into employees’ inboxes. This highlights the importance of regularly updating software and implementing robust security measures to prevent such attacks.

Apple also released patches for three zero-day vulnerabilities that were exploited in the wild. These vulnerabilities could have allowed attackers to launch spyware attacks on Apple devices. Similarly, a vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight) was found to be actively exploited. VMware promptly released a patch to address the vulnerability.

Zyxel, a manufacturer of network-attached storage (NAS) devices, issued firmware patches for a critical vulnerability in some of its consumer NAS devices. This vulnerability could have allowed unauthorized access to sensitive data stored on these devices. Similarly, Progress Software asked its MOVEit Transfer customers to update their installations once again to address a third SQL injection vulnerability. This incident underscores the importance of maintaining up-to-date software and promptly addressing security vulnerabilities.

The concept of zero trust in the cloud was also explored in an article. While some organizations believe that cloud workloads are inherently more secure, the article highlighted the need for a comprehensive zero trust approach to security. Trusting cloud service providers alone is not sufficient, and organizations must adopt robust security measures to protect their assets in the cloud.

The potential of ChatGPT in detecting phishing sites was another topic of interest. While ChatGPT can be used to generate phishing sites, researchers are exploring its capabilities to detect them reliably. This research has significant implications for improving phishing prevention measures.

In a video interview, Nick Mistry, SVP and CISO at Lineaje, shared tips on simplifying compliance processes with U.S. Executive Order 14028. Compliance with executive orders and regulations can be complex, and organizations need to follow best practices to ensure they meet the required standards.

The significance of open source in cloud-native security was also discussed. As organizations move towards cloud-native environments, they need to consider the suitability of their existing security solutions. Open source solutions can offer unique advantages in addressing the specific security challenges posed by cloud-native architectures.

A concerning trend highlighted compromised Linux SSH servers that were used in DDoS attacks and cryptocurrency mining. Poorly managed Linux SSH servers became targets, and unknown attackers hijacked them to carry out illicit activities. This serves as a reminder to maintain proper security configurations and practices for all systems.

Bradon Rogers, Chief Customer Officer at Island, provided an overview of the Island Enterprise Browser. This browser is specifically designed for enterprise use, with features that prioritize security and productivity within corporate environments.

Software bills of materials (SBOMs) and their importance in software supply chain security were discussed in detail. Organizations are increasingly recognizing the need for transparency in their software supply chain, and SBOMs play a crucial role in achieving this. By providing a detailed list of all components and dependencies, SBOMs enable organizations to track and manage the security of their software supply chain effectively.

Microsoft confirmed that the recent outages experienced by Microsoft 365 and Azure Portal users were caused by Layer 7 DDoS attacks. Layer 7 attacks specifically target web applications and can disrupt services. Microsoft’s confirmation underscores the need for robust DDoS protection measures to mitigate such attacks.

The future of passwords and authentication was also a topic of interest. Michael Crandell, CEO of Bitwarden, discussed the trends and advancements in password security and authentication methods. As cyber threats evolve, organizations must stay updated and adopt secure authentication practices to protect their systems and data.

CIS Control mapping and its significance in optimizing security resources were highlighted in an article. By aligning security measures with real-world security incidents, organizations can more effectively allocate their resources and prioritize their efforts to mitigate risks.

According to Accenture, organizations that closely align their cybersecurity programs with business objectives are more likely to achieve revenue growth, market share improvement, and customer satisfaction. Furthermore, these organizations are also more likely to reduce the cost of cybersecurity breaches and incidents. This emphasizes the importance of integrating cybersecurity into the overall business strategy.

In another video interview, Jacob Garrison, Security Researcher for Bionic, explained the limitations of shifting left in application security. While shifting left allows for earlier detection and resolution of security flaws, it is not a comprehensive solution. Garrison discussed the need for a holistic approach that considers security at all stages of the software development lifecycle.

Recon, the initial stage of the penetration testing process, was explored in an article that highlighted ten open-source recon tools worth considering. These tools enable testers to gather critical information about their targets and strategize their penetration testing activities effectively.

Improving DevOps productivity while maintaining security was discussed in a video interview with Ev Kontsevoy, CEO at Teleport. He emphasized the importance of integrating security into DevOps processes to achieve a balance between productivity and risk mitigation.

Group-IB uncovered compromised credentials within the logs of info-stealing malware traded on the dark web. These compromised credentials have gained popularity on illicit marketplaces over the past year. This highlights the importance of strong and unique passwords, as well as the significance of regularly monitoring and securing user credentials.

Randy Abrams, Senior Security Analyst at SecureIQLab, emphasized the importance of proactive security investments in a changing macroeconomic climate. Taking a proactive approach to cybersecurity can help organizations minimize risks and mitigate the impact of potential security incidents. The video interview provided valuable insights into making suitable security investments to protect against emerging threats.

Fortinet reported that IT teams have made progress in implementing zero trust strategies and securing remote workers. As the network landscape evolves, organizations are realizing the importance of adopting a zero trust approach to address new challenges and threats. However, integration remains a hurdle that organizations must overcome to fully embrace the benefits of zero trust architecture.

Tony Turner discussed the security of the product supply chain and the need for increased awareness and measures beyond traditional security practices. With the rise in firmware and binary analysis, as well as the adoption of software bills of materials (SBOMs), organizations are making strides in securing their supply chains. However, there is still work to be done to ensure comprehensive supply chain security.

Finally, Help Net Security featured several new infosec products released in the past week. These products, from companies such as Cymulate, Edgescan, ESET, Island, iStorage, and Netskope, offer innovative solutions focused on enhancing cybersecurity and addressing emerging threats.

Overall, last week’s cybersecurity news, articles, interviews, and videos covered a wide range of important topics. From vulnerabilities and patches to emerging trends and innovative solutions, the industry continues to evolve in its efforts to protect against cyber threats.
