Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.

MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices.

Photos: GISEC Global 2024
GISEC Global took place from April 23 to April 25, 2024, at the Dubai World Trade Centre. Here are a few photos from the event, featured vendors include: Waterfall Security Solutions, Netskope, Google Cloud, Huawei, NetSPI, SecureLink, Cloudflare, IT Max Global, Deloitte, Pulsec, Help AG, Splunk, Netscout, Zscaler, SecurityScorecard, OPSWAT, Ciqur24, toolswatch. A video walkthrough is also available.

Cybersecurity jobs available right now: April 24, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

10 colleges and universities shaping the future of cybersecurity education
Institutions featured on this list often provide undergraduate and graduate degrees, courses, as well as certificate programs tailored to meet the growing demand for cybersecurity professionals in various industries.

Overcoming GenAI challenges in healthcare cybersecurity
In this Help Net Security interview, Assaf Mischari, Managing Partner, Team8 Health, discusses the risks associated with GenAI healthcare innovations and their impact on patient privacy.

How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers.

LSA Whisperer: Open-source tools for interacting with authentication packages
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols.

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment.

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published.

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028).

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike.

Applying DevSecOps principles to machine learning workloads
Protecting data and other enterprise assets is an increasingly challenging task, and one that touches nearly every corner of an organization. As the complexity of digital systems grows, the challenges mount.

What AI can tell organizations about their M&A risk
In this Help Net Security video, Brian Neuhaus, CTO Americas for Vectra AI, discusses the intersection of AI and cybersecurity and its impact on M&A processes.

Behavioral patterns of ransomware groups are changing
Q1 saw substantial shifts in activity from some of the most prolific Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security.

GenAI can enhance security awareness training
One of the biggest concerns over generative AI is its ability to manipulate us, which makes it ideal for orchestrating social engineering attacks

The relationship between cybersecurity and work tech innovation
In this Help Net Security video, Cormac Twomey, CTO at Envoy, discusses the symbiotic relationship between work tech innovation and cybersecurity.

AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress.

The rising influence of AI on the 2024 US election
We stand at a crossroads for election misinformation: on one side our election apparatus has reached a higher level of security and is better defended from malicious attackers than ever before.

What is multi-factor authentication (MFA), and why is it important?
In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible ways to secure their private data.

25 cybersecurity AI stats you should know
In this article, you will find excerpts from reports we recently covered, which offer stats and insights into the challenges and cybersecurity issues arising from the expansion of AI.

Fuxnet malware: Growing threat to industrial sensors
In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these attacks can have on critical operations.

Breaking down the numbers: Cybersecurity funding activity recap
Here’s a list of interesting cybersecurity companies that received funding so far in 2024.

New infosec products of the week: April 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cyberint, Forcepoint, Invicti Security, Netwrix, Trend Micro, Zero Networks, and WhyLabs.



Source link