Last week saw a myriad of developments in the world of cybersecurity, ranging from the latest vulnerabilities and attacks to advances in technology and preventative measures. Here are some of the most noteworthy news stories:
The CEO of Wireless Broadband Alliance, Tiago Rodrigues, spoke with Help Net Security about the significant role of Wi-Fi 6E and Private 5G in the future of enterprise networking. Rodrigues emphasized the importance of these technologies for handling increased traffic, improving security, and enabling new applications.
Dr. Atsushi Yamada, the newly appointed CEO of security solutions company ISARA, discussed the quantum leap in cybersecurity with Help Net Security. Yamada discussed the importance of developing quantum-safe cryptography, given the increasing processing power of quantum computers and the potential threat this poses to traditional cryptographic methods.
Barracuda Networks warned that attackers have exploited a zero-day vulnerability (CVE-2023-2868) in its Email Security Gateway (ESG) appliances. The company advised customers to update their firmware as soon as possible in order to mitigate the risk.
Developers using Microsoft’s Azure DevOps Services can now access GitHub’s application security testing tools. This will allow users to identify vulnerabilities in their code more easily and respond to them in a timely manner.
Rapid7 researchers warned that a command injection vulnerability (CVE-2023-28771) affecting a variety of Zyxel firewalls could soon be exploited in the wild. The researchers published a detailed technical analysis and proof-of-concept script for triggering the vulnerability, with the aim of raising awareness among users and encouraging them to take action.
Phishers have been using encrypted restricted-permission messages (.rpmsg) attached to phishing emails in order to steal Microsoft 365 account credentials. This approach disguises the messages as legitimate and makes it harder for security systems to detect them.
A new ransomware operation is using previously leaked payloads from LockBit and Babuk to launch attacks on both Windows and Linux systems. The operation, known as Buhti ransomware, highlights the ongoing threat posed by ransomware and the need for robust defenses.
Identity and access management (IAM) teams face many challenges during mergers and acquisitions (M&As). Help Net Security explored these issues, offering insights into how teams can prepare for M&As and ensure a successful outcome.
Researchers at Inky discovered a phishing campaign that targets ChatGPT users, using the guise of OpenAI to steal business email account credentials. The campaign highlights the ongoing threat posed by phishing attacks and the importance of staying vigilant.
IT employees can pose a significant risk to their organization’s cybersecurity, as demonstrated by a recent court case in which a former IT employee was convicted of blackmailing and unauthorized access to a computer with the intent to commit other offenses. Organizations must take measures to prevent such actions and ensure that all employees are aware of the risks.
Remote and hybrid working practices have brought numerous benefits to various industries but also introduced new cyber threats, particularly in the critical infrastructure sector. CISA’s Cybersecurity Performance Goals offer a proactive guide to achieving effective OT security.
Simple open-source intelligence (OSINT) techniques can be effective in detecting disinformation campaigns, fake reviews, and hate speech generated by AI language models like ChatGPT. By analyzing error messages, security professionals can identify potential threats and take action to mitigate them.
Continuous security monitoring can be challenging, particularly when new threats emerge. In this Help Net Security video, Wesley Van Zyl of Scytale discusses how organizations can keep track of all their security controls and respond effectively to emerging cybersecurity threats.
Gartner identified six specific risks associated with ChatGPT and advised legal and compliance leaders to establish guardrails to ensure responsible enterprise use of generative AI tools.
Generative AI is reshaping the identity verification landscape and empowering organizations to detect fraudulent activity more effectively than ever before. Peter Violaris of OCR Labs discussed the impact of generative AI on identity verification in a Help Net Security video.
Armorblox found that the majority of organizations use six or more communication tools, with email remaining the channel seen as most vulnerable to attacks. This indicates a need for better cybersecurity measures across all communication channels to prevent breaches and protect sensitive information.
There is a significant discrepancy between how companies perceive their OT security posture and the harsh reality they often face. In this Help Net Security video, Daniel Bren of OTORIO discussed the gap between security assumptions and reality and what organizations can do to strengthen their defenses.
Ivanti reported a sharp increase in breaches associated with ransomware in March 2023. The company advised organizations to stay vigilant and take proactive measures to prevent attacks.
Matt Radolec of Varonis offered advice for CISO-level executives to enhance the security of corporate cloud data in a Help Net Security video. Radolec emphasized the importance of identifying and mitigating potential risks before they can be exploited by cybercriminals.
Researchers at ESET discovered a trojanized Android app named iRecorder – Screen Recorder that transformed into data-snooping malware. The app was available on Google Play as a legitimate app but gained malicious functionality in August 2022.
Cado Labs analyzed Legion, a cloud-focused malware family that poses a significant threat to cloud-based systems. In this Help Net Security video, Matt Muir of Cado Security overviews Legion’s cloud-specific functionality and advises organizations on how to defend against it.
NSA and Five Eyes partner agencies identified indicators of compromise associated with a state-sponsored cyber actor, Volt Typhoon, that is using living off the land techniques to target networks across US critical infrastructure. The incident highlights the need for robust cybersecurity measures across all critical infrastructure sectors.
Lynn Marks of Imperva discussed malicious bot activity in a Help Net Security video. Marks emphasized the significant impact that bots can have on organizations and advised on effective ways to protect against these threats.
Despite the growing concern about API security, many companies have yet to implement effective measures to protect against cyber attacks. Traceable AI reported a lack of implementation across most companies and emphasized the need for better cybersecurity measures.
ISO 31030 offers a standardized approach to travel risk management, guiding organizations on how to manage risks to their business and travelers. In a Help Net Security video, Tracy Reinhold of Everbridge discussed how ISO 31030 can help enhance travel safety protocols.
McAfee reported that 30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money on holiday travel. This serves as a reminder of the importance of staying vigilant and aware of potential threats when booking travel arrangements.
Finally, a post on Help Net Security explored what flying a plane can teach us about cybersecurity. The post highlighted the importance of risk management, situational awareness, and teamwork in both aviation and cybersecurity.