Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list

Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Microsoft fixes exploited zero-day (CVE-2024-49138)
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges.

Top cybersecurity books for your holiday gift list
The holiday season is approaching, and with it, the tradition of gift-giving. For professionals and enthusiasts alike, a well-chosen book can provide both knowledge and inspiration. To help with ideas on what to give, we’ve compiled a list of cybersecurity books to consider.

Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances.

Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development.

Krispy Kreme cybersecurity incident disrupts online ordering
Popular US doughnut chain Krispy Kreme has been having trouble with its online ordering system as well as digital payments at their brick-and-mortar shops since late November, and now we finally know why: an 8-K report filed with the US Securities and Exchange Commission (SEC) has revealed that the company has suffered a “cybersecurity incident”.

Shaping effective AI governance is about balancing innovation with humanity
In this Help Net Security interview, Ben de Bont, CISO at ServiceNow, discusses AI governance, focusing on how to foster innovation while ensuring responsible oversight.

27 DDoS-for hire platforms seized by law enforcement
As part of an ongoing international crackdown known as Operation PowerOFF, international law enforcement has seized over two dozen platforms used to carry out Distributed Denial-of-Service (DDoS) attacks.

Why crisis simulations fail and how to fix them
In this Help Net Security interview, Allison Ritter, Head of Cyber Experiential Exercising at Cyberbit, shares her insights on the key differences between in-person and virtual cyber crisis simulations and what makes each approach effective.

Microsoft enforces defenses preventing NTLM relay attacks
Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart.

Strengthening security posture with comprehensive cybersecurity assessments
In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI and automation, and strategies for aligning assessments with organizational needs.

Update your OpenWrt router! Security issue made supply chain attack possible
A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices.

Who handles what? Common misconceptions about SaaS security responsibilities
In this Help Net Security interview, James Dolph, CISO at Guidewire, addresses common misconceptions about security responsibilities in cloud environments, particularly in SaaS, and how these misunderstandings can lead to security risks.

Microsoft: “Hack” this LLM-powered service and get paid
Microsoft, in collaboration with the Institute of Science and Technology Australia and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve defenses against prompt injection attacks.

BadRAM: $10 hack unlocks AMD encrypted memory
Cybersecurity researchers have identified a vulnerability (CVE-2024-21944, aka BadRAM) affecting ADM processors that can be triggered by rogue memory modules to unlock the chips’ encrypted memory.

8Base hacked port operating company Luka Rijeka
Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group.

We must adjust expectations for the CISO role
The chief information security officer (CISO) role, once a back-office function primarily focused on technical oversight, has moved squarely into the executive spotlight.

Exposed APIs and issues in the world’s largest organizations
In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report.

Open source malware up 200% since 2023
Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019.

Preventing data leakage in low-node/no-code environments
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and innovation, they also introduce significant risks, including data leakage.

What makes for a fulfilled cybersecurity career
In this Help Net Security video, Richard Hummel, NETSCOUT’s Director of Threat Intelligence, talks about his journey into cybersecurity and offers insight for those that are interested in pursuing it as a career.

Containers have 600+ vulnerabilities on average
Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise.

US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide.

Businesses plagued by constant stream of malicious emails
36.9% of all emails received by businesses (20.5 billion) in 2024 were unwanted, according to Hornetsecurity’s analysis of 55.6+ billion emails processed through their security services between November 1, 2023 and October 31, 2024 – and 2.3% of those contained malicious content, totalling 427.8 million emails.

Cybersecurity jobs available right now: December 10, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

TPM 2.0: The new standard for secure firmware
Connected devices are better protected from cyberattacks and less likely to be compromised by errors thanks to the new TPM 2.0 specification from the Trusted Computing Group (TCG).

Only Cynet delivers 100% protection and detection visibility in the 2024 MITRE ATT&CK Evaluation
Cynet delivered 100% detection visibility, detecting every attack action using no configuration changes and no delays.

New infosec products of the week: December 13, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Horizon3.ai, SecureAuth, Stamus Networks, Trellix, and Versa Networks.



Source link