Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

The rise of SaaS security teams
In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms.

Enhancing security through collaboration with the open-source community
In this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security.

From passwords to passkeys: Enhancing security and user satisfaction
In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process.

Ghidra: Open-source software reverse engineering framework
Ghidra, a cutting-edge open-source software reverse engineering (SRE) framework, is a product of the National Security Agency (NSA) Research Directorate.

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting
SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks.

Cilium: Open-source eBPF-based networking, security, observability
Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads.

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime.

Malware peddlers love this one social engineering trick!
Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning.

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)
VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation.

Medibank breach: Security failures revealed (lack of MFA among them)
The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor.

Clever macOS malware delivery campaign targets cryptocurrency users
Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorded Future’s researchers are warning.

CDK Global cyberattack cripples 15,000 US auto dealerships
CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations.

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its employees on Tuesday.

US bans Kaspersky antivirus software due to national security risks
The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensitive data for malicious use by the Russian Government pose an undue or unacceptable national security risk.”

Find out which cybersecurity threats organizations fear the most
This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike.

Cybersecurity jobs available right now: June 19, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Preparing for a post-quantum future
In this Help Net Security video, Kevin Bocek, Chief Innovation Officer at Venafi, advocates for a proactive approach with automation and governance, focusing on adaptability as the post-quantum landscape evolves.

Low code, high stakes: Addressing SQL injection
Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source of web application vulnerabilities.

How to create your cybersecurity “Google Maps”: A step-by-step guide for security teams
Cybersecurity isn’t just about firewalls and antivirus. It’s about understanding how your defenses, people, and processes work together. Just like Google Maps revolutionized navigation, process mapping can revolutionize how you understand and manage your security landscape.

Malicious emails trick consumers into false election contributions
Major regional and global events – such as military exercises, political or economic summits, political conventions, and elections – drove cyber threat activities, according to Trellix.

42% plan to use API security for AI data protection
While 75% of enterprises are implementing AI, 72% report significant data quality issues and an inability to scale data practices, according to F5.

Edge services are extremely attractive targets to attackers
The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure.

Rising exploitation in enterprise software: Key trends for CISOs
Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories.

Most cybersecurity pros took time off due to mental health issues
Cybersecurity and infosecurity professionals say that work-related stress, fatigue, and burnout are making them less productive, including taking extended sick leave – costing US enterprises almost $626 million in lost productivity every year, according to Hack The Box.

Improving OT cybersecurity remains a work in progress
Organizations have made progress in the past 12 months related to advancing their OT security posture, but there are still critical areas for improvement as IT and OT network environments continue to converge, according to Fortinet.

Pressure mounts on CISOs as SEC bares teeth with legal action
A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a key indicator that cybersecurity posture is present in a filing.

eBook: CISO guide to password security
It is not just about creating barriers to unauthorized access but about building sustainable practices that enhance an organization’s cybersecurity posture while supporting operational efficiency.

How can SLTTs defend against cyber threats?
Managing cybersecurity for any organization is no easy feat. Improving cybersecurity maturity is often even more difficult, made increasingly challenging by the eye-watering costs of cybersecurity products and solutions.

eBook: The Art & Science of Secure Software Development
Software security requires a creative and disciplined approach. It involves having the vision to develop secure strategy, tactics, and execution. Excelling in the discipline demands thinking through the entire software lifecycle and enforcing security as a first-thought process.

New infosec products of the week: June 21, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Datadog, Metomic, NinjaOne, Verimatrix, and Veritas Technologies.



Source link