Week in review: BootHole, RCEs in industrial VPNs, the cybersecurity profession crisis

Here’s an overview of some of last week’s most interesting news, articles, interviews and reviews:

Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data
An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by attackers in the wild.

Researchers find critical RCE vulnerabilities in industrial VPN solutions
Critical vulnerabilities in several industrial VPN implementations for remotely accessing operational technology (OT) networks could allow attackers to overwrite data, execute malicious code or commands, cause a DoS condition, and more.

Twitter employees were spear-phished over the phone
Twitter has finally shared more details about how the perpetrators of the recent hijacking of high-profile accounts to push a Bitcoin scam managed to pull it off. Also, three alleged perpetrators have been identified.

Review: Cyber Warfare – Truth, Tactics, and Strategies
Many future battles will be fought with cyber weapons, narrowing the resources and capabilities gap that long existed between rich and poor nations. All of them can now effectively bring their enemy down.

Public cloud environments leave numerous paths open for exploitation
Cloud estates are being breached through their weakest links of neglected internet-facing workloads, widespread authentication issues, discoverable secrets and credentials, and misconfigured storage buckets.

62,000 QNAP NAS devices infected with persistent QSnatch malware
There are approximately 62,000 malware-infested QNAP NAS (Network Attached Storage) devices located across the globe spilling all the secrets they contain to unknown cyber actors, the US CISA and the UK NCSC have warned.

What are script-based attacks and what can be done to prevent them?
In today’s threat landscape, scripts provide initial access, enable evasion, and facilitate lateral movements post-infection.

How do I select an endpoint protection solution for my business?
To select an appropriate endpoint protection solution for your business, you need to think about a variety of factors. We’ve talked to several cybersecurity professionals to get their insight on the topic.

Lack of training, career development, and planning fuel the cybersecurity profession crisis
The cybersecurity skills crisis continues to worsen for the fourth year in a row and has impacted 70 percent of organizations, as revealed in a global study of cybersecurity professionals by ISSA and ESG.

Bug in widely used bootloader opens Windows, Linux devices to persistent compromise
A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise.

Delivering and maintaining security at the speed of digital transformation
Dustin Rigg Hillard, CTO at eSentire, talks about modern digital threats, the challenges cybersecurity teams face, cloud-native security platforms, and more.

Security teams increasingly stressed due to lack of proper tools, executive support
93% of security professionals lack the tools to detect known security threats, and 92% state they are still in need of the appropriate preventative solutions to close current security gaps, according to LogRhythm.

How well do face recognition algorithms identify people wearing masks?
The answer, according to a preliminary study by the National Institute of Standards and Technology (NIST), is with great difficulty.

NIST selects algorithms to form a post-quantum cryptography standard
After spending more than three years examining new approaches to encryption and data protection that could defeat an assault from a quantum computer, the National Institute of Standards and Technology (NIST) has winnowed the 69 submissions it initially received down to a final group of 15.

It’s time to tap the next generation of cyber defenders
As college graduates of the Class of 2020 enter the workforce, we welcome a new generation of cyber professionals.

Attackers have created a specialized economy around email account takeover

Things to consider when selecting enterprise SSDs for critical workloads
We sat down with Scott Hamilton, Senior Director, Product Management, Data Center Systems at Western Digital, to learn more about SSDs and how they fit into current business environments and data centers.

Offensive Security acquires security training project VulnHub
Offensive Security has acquired open source security training resource hub VulnHub. The acquisition is part of OffSec’s ongoing mission to provide practical training content to aspiring cybersecurity professionals.

The distinction between human and bot behavior is becoming increasingly blurred
As consumers change their online habits, the distinction between human and bot behavior is becoming increasingly blurred, presenting cybersecurity teams with an even bigger challenge than before when it comes to differentiating humans from bots, and good bot behavior from bad.

What is privacy and why does it matter?
Privacy is a basic right and a necessary protection in the digital age to avoid victimization and manipulation.

DeimosC2: Open source tool to manage post-exploitation issues
TEAMARES launched DeimosC2, addressing the market need for a cross-compatible, open source Command and Control (C2) tool for managing compromised machines that includes mobile support.

Qualys unveils Multi-Vector EDR, a new approach to endpoint detection and response
Taking a new multi-vector approach to Endpoint Detection and Response (EDR), Qualys now brings the unifying power of its highly scalable cloud platform to EDR.

New infosec products of the week: July 31, 2020
A rundown of infosec products released last week.