Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)
Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit 0-day that “may have been actively exploited.”

Google Cloud CISO on why the Google Cybersecurity Certificate matters
In this Help Net Security interview, Phil Venables, CISO at Google Cloud, sheds light on how this initiative will create greater opportunities for individuals worldwide and contribute to meeting the increasing demand for cybersecurity professionals.

SquareX’s vision: A future where internet security is a non-issue
SquareX, the brainchild of cybersecurity trailblazer Vivek Ramachandran, is on a mission to revolutionize the cybersecurity landscape with a unique browser-based solution, designed to fortify online safety for consumers.

Enhancing open source security: Insights from the OpenSSF on addressing key challenges
In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World Economic Forum, and Linux Foundation on leading the OpenSSF and addressing open-source security challenges.

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)
A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw.

Advantech’s industrial serial device servers open to attack
Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level.

DarkBERT could help automate dark web mining for cyber threat intelligence
Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly.

Is human threat hunting a fool’s errand?
As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker security insights, more efficient operations, and human error reductions.

Bad bots are coming for APIs
In 2022, 47.4% of all internet traffic came from bots, a 5.1% increase over the previous year, according to Imperva.

Web entity activity reveals insights into internet security
In this Help Net Security video, Himaja Motheram, Security Researcher at Censys, offers insight into the assets and weaknesses across organizations’ internet infrastructure.

Cisco fixes critical flaws in Small Business Series Switches
Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches.

3 tips to accelerate zero trust adoption
Zero trust adoption is beginning to accelerate as networks get more complex. Gartner predicts that by 2026, 10% of large enterprises will have a comprehensive, mature, and measurable zero-trust program in place (compared to just 1% today). But adoption has been slow; according to a 2023 PWC report, only 36% have started their journey to zero trust.

Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store
Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users.

New trends in ransomware attacks shape the future of cybersecurity
In this Help Net Security video, Ryan Bell, Threat Intelligence Manager at Corvus Insurance, talks about how ransomware groups are more well-equipped than ever.

TP-Link routers implanted with malicious firmware in state-sponsored attacks
A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers.

Preparing for federal supply chain security standardization
For organizations contracting with FCEB agencies, implementing basic cyber hygiene practices from now is critical and will be a competitive differentiator over the next few years.

Attack automation becomes a prevalent threat against APIs
The API threat landscape is constantly evolving, and organizations must be vigilant in protecting their APIs and web applications from automated threats (bots) and vulnerability exploits

Malicious open-source components threatening digital infrastructure
In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged nature of open-source software.

Inactive Google accounts will be deleted
A week after Twitter announced it will be removing idle accounts after 30 days of inaction, Google has updated its account inactivity policy.

Infamous cybercrime marketplace offers pre-order service for stolen credentials
Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and marketplaces, with the volume of logs, or collections of stolen data, available for sale increasing at alarming rates, according to Secureworks.

Introducing Permit.io: Simplifying access control and policy management for developers
In this Help Net Security video interview, Or Weis, Co-Founder and CEO of Permit.io, discusses an innovative approach to managing permissions and access control within applications.

Lacroix manufacturing facilities shut down following cyberattack
French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday.

Exploring the tactics of phishing and scam websites in 2023
In this Help Net Security video, Abhilash Garimella, Head of Research at Bolster, talks about the evolution of phishing and scam websites in 2023.

WhatsApp allows users to lock sensitive chats
Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes.

The CIS Benchmarks Community consensus process
CIS Benchmarks cover operating systems, servers, cloud, mobile devices, desktop software, and network devices.

New infosec products of the week: May 19, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Bitwarden, Cloudflare, ComplyAdvantage, Enzoic, Neurotechnology, Nozomi Networks, and Satori.



Source link