Week in review: ChatGPT cybersecurity, critical RCE vulnerabilities found in git, Riot Games breached


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

BSidesZG 2023: Strengthening the infosec community in Croatia’s capital
In March 2023, Zagreb will be added to the (already long) list of cities where information security professionals and enthusiasts can share their knowledge with peers at a Security BSides conference. We’ve talked with BSidesZG organizer Ante Jurjevic to find out what’s in store for those who attend.

How to tackle the cybersecurity skills shortage in the EU
In this Help Net Security Dritan Saliovski, Director – Nordic Head of Cyber M&A, Transaction Advisory Services at Aon, offers some pointers, as well as advice to organizations on how to attract and retain the best cybersecurity talent.

ChatGPT is a bigger threat to cybersecurity than most realize
A language-generating AI model called ChatGPT, available for free, has taken the internet by storm. While AI has the potential to help IT and security teams become more efficient, it also enables threat actors to develop malware.

ENISA gives out toolbox for creating security awareness programs
The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations in their quest to create and implement a custom security awareness raising program.

Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component (CVE-2022-42856) that could be exploited for remote code execution on older iPhones and iPads running iOS v12.

GoTo now says customers’ backups have also been stolen
GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere offerings.

Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)
VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its multi-cloud solution for centralized log management, operational visibility and intelligent analytics.

Riot Games breached: How did it happen?
The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company’s popular League of Legends online game.

Attackers use portable executables of remote management software to great effect
Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially motivated attackers.

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)
Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates.

The loneliness of leading a cybersecurity startup
The world of well-invested startups is a glamorous beacon to highly motivated entrepreneurs across the cybersecurity industry, and the ultimate responsibility for reaching the mark lies with the good management of the Chief Executive Officer.

Trained developers get rid of more vulnerabilities than code scanning tools
An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of vulnerabilities than organizations not using code scanning tools, while continuous training greatly improved code security for over 60% of organizations that adopted it.

Why most IoT cybersecurity strategies give zero hope for zero trust
In this Help Net Security video, Denny LeCompte, CEO at Portnox, discusses how IoT has been difficult to profile accurately and why zero trust strategies fail when applied to IoT.

Understanding your attack surface makes it easier to prioritize technologies and systems
Organizations need to strike the balance of carrying out enough due diligence before patching, and then patching as quickly as possible to defend themselves against emerging threats.

NSA publishes IPv6 Security Guidance
The National Security Agency (NSA) published guidance to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with a transition to Internet Protocol version 6 (IPv6).

A closer look at malicious packages targeting Python developers
In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique tactic.

Chinese researchers: RSA is breakable. Others: Do not panic!
Recently, Chinese researchers have claimed that an existing algorithm can be used with today’s quantum computers to break the RSA algorithm, which is the fundamental basis of secure internet communication.

Supply chain attacks caused more data compromises than malware
The first half of 2022 saw fewer compromises reported due in part to Russia-based cybercriminals distracted by the war in Ukraine and volatility in the cryptocurrency markets, according to the Identity Theft Resource Center.

What makes small and medium-sized businesses vulnerable to BEC attacks
In this Help Net Security video, Dror Liwer, Co-Founder of Coro, talks about what makes small and medium-sized businesses especially vulnerable to this form of attack and why BEC’s contribution to the country’s annual cyber losses not only makes sense but is likely underreported.

How businesses can bolster their cybersecurity defenses with open source
Open-source software can be examined by everyone, both attackers and defenders. But this does not necessarily give attackers the upper hand.

Extent of reported CVEs overwhelms critical infrastructure asset owners
The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to SynSaber.

3 business application security risks businesses need to prepare for in 2023
Threat actors have been leveraging more discreet techniques to make a profit by directly targeting an enterprise’s crown jewels—enterprise resource planning (ERP) applications.

New infosec products of the week: January 27, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Perimeter 81, SpyCloud, ThreatConnect, Venafi, and Wallarm.



Source link