Week in review: Chrome zero-day is actually in libwebp, Sony hacking rumours


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

How global enterprises navigate the complex world of data privacy
In this Help Net Security interview, Evelyn de Souza, Head of Privacy Compliance, Oracle SaaS Cloud, talks about the constant effort required to keep up with privacy laws in each country and to ensure compliance across the entire organization.

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall.

The pitfalls of neglecting security ownership at the design stage
In this Help Net Security interview, Nima Baiati, Executive Director and GM, Commercial Cybersecurity Solutions at Lenovo, discusses the disconnect between development and security teams, why companies need to prioritize security at the design stage, and why a multi-layered strategy is the best way to secure both above and below the OS.

The hidden costs of neglecting cybersecurity for small businesses
In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation.

Network Flight Simulator: Open-source adversary simulation tool
Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility.

Has Sony been hacked again?
Ransomed.vc, a relatively new ransomware / cyber extortion group, claims to have hacked Sony and made off with valuable data.

Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
Software development tools maker JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) server: an authentication bypass that may allow unauthenticated attackers to achieve remote code execution and gain control of the server (fixed in TeamCity 2023.05.4).

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of CVE-2023-4863. The entry for the latter has been broadened to cover its impact on the libwebp library, which is embedded in many applications and libraries beyond Chrome.

National Student Clearinghouse MOVEit breach impacts nearly 900 schools
US educational nonprofit organization National Student Clearinghouse (NSC) has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students.

Cl0p’s MOVEit attack tally surpasses 2,000 victim organizations
The number of victim organizations hit by Cl0p via vulnerable MOVEit installations has surpassed 2,000, and the number of affected individuals is now over 60 million.

Fake Bitwarden installation packages delivered RAT to Windows users
Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT).

New twist on ZeroFont phishing technique spotted in the wild
Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned.

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)
Google has fixed another high-severity zero-day vulnerability (CVE-2023-5217), a heap buffer overflow in the VP8 encoder of the libvpx library, that is being exploited in the wild.

Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats
Security processes are increasingly automated, which has led some businesses to deprioritize developing their security teams’ defense skills.

Cybersecurity skills employers are desperate to find in 2023
In this Help Net Security video, Aaron Rosenmund, Director of Security Research and Curriculum, Pluralsight, discusses the most sought-after cybersecurity skills in today’s competitive labor market.

Current ransomware defensive efforts are not working
Despite some positive developments, the impact of ransomware attacks remains high, according to SpyCloud.

Are developers giving enough thought to prompt injection threats when building code?
While LLMs promise a future streamlined by artificial intelligence, their current developmental status—in what can best be described as “beta” mode—creates a fertile ground for security exploits, particularly prompt injection attacks.

Is your identity safe? Exploring the gaps in threat protection
In this Help Net Security video, Hed Kovetz, CEO of Silverfort, discusses identity threat resilience and why organizations cannot protect themselves against account takeovers, lateral movement, and ransomware attacks.

The clock is ticking for businesses to prepare for mandated certificate automation
Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign.

How to avoid the 4 main pitfalls of cloud identity management
Cloud identity management is a real challenge, but organizations are capable of preventing identity risk exposure and identity threats, especially if they avoid the four common pitfalls.

Kubernetes attacks in 2023: What it means for the future
In this Help Net Security video, Jimmy Mesta, CTO at KSOC, explores what it would take to protect against Kubernetes attacks in the real world.

5 free vulnerability scanners you should check out
Here’s a list of 5 free, open-source vulnerability scanners you can try today.

How should organizations navigate the risks and opportunities of AI?
There’s evidence to suggest that offensive actors are using AI and machine learning techniques to carry out increasingly sophisticated, automated attacks.

Why California’s Delete Act matters for the whole country
In this Help Net Security video, Dr. Chris Pierson, CEO of BlackCloak, discusses why this bill matters to CISOs.

Balancing cybersecurity with convenience and progress
Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA.

Guide: SaaS Offboarding Checklist
Download this template from Nudge Security for the essential steps of IT offboarding in the age of SaaS.

New infosec products of the week: September 29, 2023
Here’s a look at the most interesting products from the past week, featuring releases from AlphaSOC, Baffle, Immersive Labs, OneTrust, Panzura, runZero, and SeeMetrics.
