Week in review: Veeam Service Provider Console flaws fixed, Patch Tuesday forecast


Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine.

December 2024 Patch Tuesday forecast: The secure future initiative impact
It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the patches we’ve needed to deal with on Patch Tuesdays (and in between).

$400M seized, 5,500 arrested in global operation targeting cyber fraud
A coordinated international operation involving law enforcement agencies from 40 countries led to the arrest of over 5,500 individuals linked to financial crimes and the confiscation of more than $400 million in virtual assets and government-backed currencies.

Windows, macOS users targeted with crypto-and-info-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and cryptocurrency-stealing malware.

SafeLine: Open-source web application firewall (WAF)
SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks.

How to choose secure, verifiable technologies?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services (SaaS, MSP services).

Building a robust security posture with limited resources
In this Help Net Security interview, Gareth Lindahl-Wise, CISO at Ontinue, discusses how business leaders can align innovation with cybersecurity, tackle the risks posed by legacy systems, and build defenses for startups.

Mitel MiCollab zero-day and PoC exploit unveiled
A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed up by releasing a proof-of-concept (PoC) exploit that chains together this zero-day file read vulnerability with CVE-2024-41713, which allows attackers to bypass authentication.

How the Shadowserver Foundation helps network defenders with free intelligence feeds
In this Help Net Security interview, Piotr Kijewski, CEO of The Shadowserver Foundation, discusses the organization’s mission to enhance internet security by exposing vulnerabilities, malicious activity, and emerging threats.

8 US telcos compromised, FBI advises Americans to use encrypted communications
FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from threat actors that have – and will – burrow into the networks and systems of US telecommunication companies.

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle.

Solana’s popular web3.js library backdoored in supply chain compromise
A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry.

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams
Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives companies complete control over their data.

How widespread is mercenary spyware? More than you think
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope.

Treat AI like a human: Redefining cybersecurity
In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools.

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises.

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges
In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses.

Police takes down Matrix encrypted chat service used by criminals
A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created for criminals.

Preparing for Q-day: The essential role of cloud migration in securing enterprise data
As the era of quantum computing draws closer, businesses face a new and unprecedented threat to data security: “Q-day.”

Phishers send corrupted documents to bypass email security
Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents.

5 reasons to double down on network security
Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies.

US government, energy sector contractor hit by ransomware
ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers.

Building trust in tokenized economies
In this Help Net Security video, Jeremy Bradley, COO of Zama, explores the emerging privacy-preserving technologies that can help solve this challenge, focusing on Fully Homomorphic Encryption (FHE), which enables data to remain encrypted even during processing, positioning it as a potential cornerstone for secure, decentralized environments.

65% of office workers bypass cybersecurity to boost productivity
High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk.

The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them.

Best practices for staying cyber secure during the holidays
In this Help Net Security video, Sean Tufts, managing partner for critical infrastructure and operational technology at Optiv, discusses best practices for keeping businesses secure amidst a barrage of threats during the holiday season.

70% of open-source components are poorly or no longer maintained
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje.

AWS offers incident response service
Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR).

How AI is transforming human risk management
In this Help Net Security video, Bret Fund, SVP and General Manager at Infosec Institute, discusses how human risk management should be at the core of an organization’s risk management strategy, especially in the age of AI.

Data scientists create tool to spot fake images
Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye.

Cybersecurity jobs available right now: December 3, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Product showcase: Securing Active Directory passwords with Specops Password Policy
A third-party tool Specops Password Policy can make life much simpler for IT professionals tasked with the important job of securing their Active Directory environment.

Download: The Ultimate Guide to the CCSP
Learn how CCSP – and ISC2 – can help you discover your certification path, create your plan and distinguish you as a top-level cybersecurity expert.

Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
The cyber world needs your expertise. However, the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with.

New infosec products of the week: December 6, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza.



Source link