Week in review: Critical git vulnerabilities, increasingly malicious Google Search ads


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169).

CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s laptop with malware, stealing their 2FA-backed SSO session cookie, and using it to impersonate the employee in a remote location.

PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because Horizon3 will be releasing technical details and a PoC exploit this week.

Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers – anything that can be downloaded, really – via Google and Bing.

Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there’s a public PoC chaining them, CERT/CC has warned.

Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development.

10 data security enhancements to consider as your employees return to the office
77% of IT decision makers across the United States and Canada believe their companies are likely to face a data breach within the next three years according to survey results released by Adastra.

Why encrypting emails isn’t as simple as it sounds
For organizations, deciding what email encryption solution to use is often not so simple and, generally speaking, there is no single correct answer.

Passkeys, going passwordless, and the future of authentication
In this Help Net Security video, Anna Pobletts, Head of Passwordless at 1Password, talks about the benefits of passwordless authentication and what the authentication landscape will look like in the near future.

Post-quantum cybersecurity threats loom large
A new Zapata Computing report reveals a deepening commitment from enterprises that points to a maturing industry with widespread, global interest and increased urgency regarding post-quantum cybersecurity threats.

How to succeed in cyber crisis management and avoid a Tower of Babel
For cyber professionals, the aftermath of handling an attack can often feel like winning the battle but losing the war.

Threats that will dominate headlines in 2023
In this Help Net Security video, MacKenzie Jackson, Developer Advocate at GitGuardian, offers his cybersecurity predictions for 2023.

Global instability increases cyber risk, says World Economic Forum
Geopolitical instability is exacerbating the risk of catastrophic cyberattacks, according to the Global Cybersecurity Outlook 2023 report from the World Economic Forum.

Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”
In 2022, state-sponsored cyber activity has been drawn into sharp focus, ransomware continued to dominate as the primary threat facing organizations, and there have been several highly publicized incidents.

Potential threats and sinister implications of ChatGPT
In this Help Net Security video, Karl Sigler, Senior Security Research Manager at Trustwave SpiderLabs, talks about how ChatGPT has multiple use cases and enormous benefits. Still, at the same time, there are threats to consider.

Training, endpoint management reduce remote working cybersecurity risks
33% of companies are not providing any cybersecurity awareness training to users who work remotely, according to Hornetsecurity.

Zero trust network access for Desktop as a Service
When you support a remote workforce, you risk opening your data, applications, and organization to the world. How can you sleep soundly at night while enabling a modern “work from anywhere” workforce?

Techniques that attackers use to trick victims into visiting malicious content
In this Help Net Security video, Ray Canzanese, Threat Research Director at Netskope, talks about the impact of two different types of harmful content: malware downloads and malicious web content.

The threat of location spoofing and fraud
In this Help Net Security video, André Ferraz, CEO at Incognia, discusses the impact of location spoofing and location-based fraud.

New infosec products of the week: January 20, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CloudSEK, Devo Technology, Immuta, Varonis, and Zyxel Networks.



Source link