Week in review: 15 million Trello users’ scraped data on sale, attackers can steal NTLM hashes


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

The reality of hacking threats in connected car systems
In this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new challenges.

Beyond blockchain: Strategies for seamless digital asset integration
In this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital assets.

Prioritizing CIS Controls for effective cybersecurity across organizations
In this Help Net Security interview, Randy Marchany, CISO at Virginia Tech, discusses the challenges and strategies associated with implementing CIS Controls in organizations of varying sizes.

CISOs’ role in identifying tech components and managing supply chains
In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility.

Emerging trends and strategies in digital forensics
In this Help Net Security interview, Amber Schroader, CEO at Paraben Corporation, discusses the challenges posed by the complexity of modern computer systems and networks on digital evidence collection.

CloudFoxable: Open-source AWS penetration testing playground
CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account.

Automated Emulation: Open-source breach and attack simulation lab
Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab.

Attackers can steal NTLM password hashes via calendar invites
A recently patched vulnerability in Microsoft Outlook (CVE-2023-35636) that can be used by attackers to steal users’ NTLM v2 hashes can be exploited by adding two headers to an email carrying a specially crafted file, security researcher Dolev Taler has shared on Friday.

Data of 15 million Trello users scraped and offered for sale
Someone is selling scraped data of millions of users of Trello, a popular a web-based list-making application and project management platform, on a dark web hacker forum.

Apple debuts new feature to frustrate iPhone thieves
Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive information in case your iPhone gets stolen.

PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take advantage of it.

What makes ransomware victims less likely to pay up?
There’s a good reason why ransomware gangs started exfiltrating victims’ data instead of just encrypting it: those organizations pay more.

Tietoevry ransomware attack halts Swedish organizations
Finnish IT software and service company Tietoevry has suffered a ransomware attack that affected several customers of one of its datacenters in Sweden.

Apple fixes actively exploited WebKit zero-day (CVE-2024-23222)
Apple has fixed an actively exploited zero-day vulnerability (CVE-2024-23222) that affects Macs, iPhones, iPads and AppleTVs.

Fighting insider threats is tricky but essential work
Business executives are worried about accidental internal staff error (71%) almost as much as they are worried about external threats (75%). But which of the two is a bigger threat to a company?

AI expected to increase volume, impact of cyberattacks
All types of cyber threat actor are already using artificial intelligence (AI) to varying degrees, UK National Cyber Security Centre’s analysts say, and predict that AI “will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years.”

Russian hackers breached Microsoft, HPE corporate maliboxes
Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently disclosed successful attack campaigns by the Russia-affiliated APT group.

Without clear guidance, SEC’s new rule on incident reporting may be detrimental
The SEC has instituted a set of guidelines “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.

Top cybersecurity concerns for the upcoming elections
In this Help Net Security video, Adam Marrè, CISO at Arctic Wolf, explains how state and local governments must focus on cybersecurity as the 2024 election approaches in the United States.

10 USA cybersecurity conferences you should visit in 2024
10 USA cybersecurity conferences you should visit in 2024.

Why cyberattacks mustn’t be kept secret
No company is immune to cyberattacks, but when the inevitable happens, too many companies still try to maintain a wall of silence.

Why resilience leaders must prepare for polycrises
In this Help Net Security video, Frank Shultz, CEO of Infinite Blue, discusses how more frequent and severe disruptions and our increasingly interconnected world collide to create a new threat for resilience leaders to manage: polycrises.

New method to safeguard against mobile account takeovers
Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains unauthorized access to online accounts.

The effect of omission bias on vulnerability management
Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.

In 2024, AI and ML shift from flashy to functional
In this Help Net Security video, George Tziahanas, AGC and VP of Compliance at Archive360, identifies core areas that may not have received enough attention yet, but likely will in the months ahead.

Whitepaper: MFA misconceptions
Read the “MFA Misconceptions” whitepaper to understand its limitations and how integrating it with other robust security measures is crucial for building a resilient defense mechanism.

New infosec products of the week: January 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Atakama, Onfido, Regula, Searchlight Cyber, Seceon, and Veriti.



Source link