Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
How CISOs navigate policies and access across enterprises
In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of balancing data protection with diverse policies, devices, and access controls in a distributed enterprise.
Enhancing adversary simulations: Learn the business to attack the business
In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats.
Choosing the right partner when outsourcing cybersecurity
In this Help Net Security interview, Anya Shpilman, Senior Executive, Cyber Security Services at WDigital, discusses the benefits and potential risks of outsourcing cybersecurity services.
Key strategies for ISO 27001 compliance adoption
In this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information security standard.
Latio Application Security Tester: Use AI to scan your code
Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues.
Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure.
SOAPHound: Open-source tool to collect Active Directory data via ADWS
SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol.
AnyDesk has been hacked, users urged to change passwords
AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised.
Deepfaked video conference call makes employee send $25 million to scammers
A deepfake video conference call paired with social engineering tricks has led to the theft of over US$25 million from a multinational firm, the South China Morning Post has reported.
Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)
Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have been upgraded to close the hole.
Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)
CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers.
The fight against commercial spyware misuse is heating up
Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents, the growing market related to the development and sale of this type of software and the exploits used to deploy it is still very much shrouded in mystery.
Akira, LockBit actively searching for vulnerable Cisco ASA devices
Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning.
LassPass is not LastPass: Fraudulent app on Apple App Store
A fraudulent app named “LassPass Password Manager” that mimics the legitimate LastPass mobile app can currently be found on Apple’s App Store, the password manager maker is warning.
Spoutible API exposed encrypted password reset tokens, 2FA secrets of users
A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts.
Common cloud security mistakes and how to avoid them
According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud security professionals are not sure their security protections and their team would manage to detect and respond to security threats or incidents affecting their cloud infrastructure.
On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)
JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers.
Chinese hackers breached Dutch Ministry of Defense
Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor.
Why we fall for fake news and how can we change that?
Have you ever been swept away by an enticing headline and didn’t bother to probe the news in-depth?
Migrating to the cloud: An overview of process and strategy
Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially
Exploring NIST Cybersecurity Framework 2.0
In this Help Net Security video, Dan Erel, VP of Security at SeeMetrics, discusses NIST Cybersecurity Framework (CSF) 2.0.
10 must-read cybersecurity books for 2024
Our list of cybersecurity books has been curated to steer your professional growth in 2024.
3 ways to achieve crypto agility in a post-quantum world
Crypto agility is the foundation for digital trust. As more enterprises speed up app development and build networks connecting many functions (often in the cloud), they rely on encryption keys and digital certificates to secure communications channels between users, applications and other assets.
Demystifying SOC-as-a-Service (SOCaaS)
In this Help Net Security video, Erik Holmes, CEO of Cyber Guards, unpacks what a SOCaaS is, how it works, and how to use it.
Researchers discover exposed API secrets, impacting major tech tokens
Escape’s security research team scanned 189.5 million URLs and found more than 18,000 exposed API secrets.
10 tips for creating your security hackathon playbook
Hackathon events bring together product and security experts for the sole purpose of finding security vulnerabilities within a product.
How threat actors abuse OAuth apps
In this Help Net Security video, Tal Skverer, Research Team Lead at Astrix Security, shares insights on how threat actors abuse OAuth apps as an easy, unmonitored way into companies’ environments.
Paying ransoms is becoming a cost of doing business for many
Today’s pervasive cyberattacks are forcing the majority of companies to pay ransoms and break their ‘do not pay’ policies, with data recovery deficiencies compounding the problem, according to Cohesity.
February 2024 Patch Tuesday forecast: Zero days are back and a new server too
January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new year.
How companies are misjudging their data privacy preparedness
In this Help Net Security video, Karen Schuler, Global Privacy & Data Protection Chair at BDO, discusses overconfidence in data privacy and data protection practices.
Businesses banning or limiting use of GenAI over privacy risks
Findings from a new Cisco study highlight the growing Privacy concerns with GenAI, trust challenges facing organizations over their use of AI, and the attractive returns from privacy investment.
Whitepaper: Why Microsoft’s password protection is not enough
Microsoft’s Azure AD Password Protection, now rebranded as Microsoft Entra ID helps users create a password policy they hope will protect their systems from account takeover and other identity and access management issues.
New infosec products of the week: February 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cisco, Metomic, OPSWAT, Qualys, and Varonis.