Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week.

Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)
SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine.

IntelOwl: Open-source threat intelligence management
IntelOwl is an open-source solution designed for large-scale threat intelligence management.

How passkeys eliminate password management headaches
In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys.

Key metrics for monitoring and improving ZTNA implementations
In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency.

Authentik: Open-source identity provider
Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols.

Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known.

Chrome, Edge users beset by malicious extensions that can’t be easily removed
A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers.

Tech support scammers impersonate Google via malicious search ads
Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams.

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom
Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data.

Scammers dupe chemical company into wiring $60 million
Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties.”

Australian gold mining company hit with ransomware
Australian gold mining firm Evolution Mining has announced on Monday that it became aware on 8 August 2024 of a ransomware attack impacting its IT systems, and has been working with its external cyber forensic experts to investigate the incident.

Cybersecurity jobs available right now: August 14, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Delta vs. CrowdStrike: The duties vendors owe to customers – or do they?
In a potentially groundbreaking dispute, Delta Air Lines is threatening to sue CrowdStrike, a leading cybersecurity firm, for alleged negligence and breach of contract.

How NoCode and LowCode free up resources for cybersecurity
In this Help Net Security video, Frederic Najman, Executive Member of the SFPN (French Union of NoCode Professionals), discusses how NoCode and LowCode technologies enable companies to free up development resources to tackle cybersecurity issues.

Misconfigurations and IAM weaknesses top cloud security concerns
Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance.

Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT.

Current attacks, targets, and other threat landscape trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June.

74% of ransomware victims were attacked multiple times in a year
An alarming trend toward multiple, sometimes simultaneous cyber attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices, according to Semperis.

Steps to improve quality engineering and system robustness
In this Help Net Security video, Stephen Johnson, CEO of Roq, says it is now imperative for companies and organizations to invest significantly more resources and effort into ensuring future-proof systems underpin everything they do.

How CIOs, CTOs, and CISOs view cyber risks differently
C-suite executives face a unique challenge: aligning their priorities between driving technological innovation and ensuring business resilience while managing ever-evolving cyber threats from criminals adept at exploiting the latest technologies, according to LevelBlue.

New infosec products of the week: August 16, 2024
Here’s a look at the most interesting products from the past week, featuring releases from ClearSale, Guardio, Ivanti, Resecurity, and Stellar.



Source link