Week in review: 5 free CISA resources, surviving a DDoS attack, Google to make Cobalt Strike useless
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Google seeks to make Cobalt Strike useless to attackers
Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers.
Fake subscription invoices lead to corporate data theft and extortion
A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses.
A flaw in ConnectWise Control spurred the company to make life harder for scammers
A vulnerability in popular remote access service/platform ConnectWise Control could have been leveraged by scammers to make compromising targets’ computers easier, Guardio researchers have discovered.
5G can reduce – but also create – security risk
In this interview with Help Net Security, Anubhav Arora, VP of Security Engineering at Cradlepoint, talks about the most common 5G security misconceptions, how to make sure the network is safe, but also how 5G can benefit businesses.
5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)
The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is in charge of enhancing cybersecurity and infrastructure protection at all levels of government, coordinating cybersecurity initiatives with U.S. states, and enhancing defenses against cyberattacks.
Future-proofing asset and vulnerability intelligence in response to CISA’s BOD 23-01
Modern environments have become more dynamic and the need for equally progressive asset discovery techniques has intensified. The new Cybersecurity and Infrastructure Security Agency (CISA) Binding Operational Directive (BOD) 23-01 recognizes this fact.
Three security design principles for public REST APIs
In this Help Net Security video, Dr. Pedram Hayati, Founder of SecDim, offers a technical write-up based on a secure programming challenge.
90% of organizations have Microsoft 365 security gaps
A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections.
How entrepreneurs can capitalize on the impending golden age of cybersecurity
As the markets continue to fluctuate, budget cuts and layoffs now extend across the tech industry, with cybersecurity no exception from tightening its belt and assessing its priorities.
Legacy IT system modernization largely driven by security concerns
In this Help Net Security video, Tim Jones, Managing Director, Application Modernization for Advanced, talks about how being tethered to legacy systems is seen as a true barrier to digitalization for the enterprise today, and offers insight into the main reasons for modernizing the mainframe.
The pros and cons of using open-source Kubernetes security software
Open source tools are a key part of the Kubernetes security environment, with most companies using open source Kubernetes security software, research by ARMO has revealed.
Out of the blue: Surviving an 18-hour, 39M-request DDoS attack
No online business can afford to neglect malicious bot threats. Attackers and fraudsters increasingly leverage bots to automate and coordinate attacks, driving IT teams and ill-equipped security tools to their limits.
What cyber insurance really covers
In this Help Net Security video, Manoj Bhatt, Head of Security and Advisory at Telstra Purple, discusses how with increasing product complexity and compliance requirements, ever-rising product premiums, and access to cover restricted for many organizations, many security teams are questioning the value of cover in the first place.
Threat actors extend attack techniques to new enterprise apps and services
Perception Point announced the publication of a report, “The Rise of Cyber Threats Against Email, Browsers and Emerging Cloud-Based Channels”, which evaluates the responses of security and IT decision-makers at large enterprises and reveals numerous significant findings about today’s enterprise threat landscape.
Best practices for implementing a company-wide risk analysis program
For most organizations today, the threat surface is broad and getting broader. There are the obvious concerns like the user base, remote or BYOD computing, on-premises infrastructure, and cloud, SaaS, and virtual environments.
The impact of inadequate SaaS management
In this Help Net Security video, Uri Haramati, CEO at Torii, talks about how it’s impossible for IT to take full ownership or responsibility for managing cloud apps today.
Cyber risk focus areas for portfolio companies
IT management is a top concern, with many portfolio companies struggling with IT hygiene, potentially leaving them susceptible to costly breaches, according to a report from BlueVoyant.
The safest datacenter is the one that works best
A recent Gartner study found that organizations’ overall spending on datacenters is set to amount to $221B in 2023 – a predicted rise of 11.3% in spending since 2021. It’s clear that investment in datacenters is a global priority for businesses.
How cloud PCs act as an insurance plan for ransomware recovery
In this Help Net Security video, Matt Davidson, CTO at Workspot, discusses how cloud PCs are serving as a modern insurance plan for business recovery, enabling safe access for employees from anywhere in the world at a moment’s notice while IT leaders investigate and mitigate the damage.
Here’s how to make sure your incident response strategy is ready for holiday hackers
The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities.
Overcoming unique cybersecurity challenges in schools
With ransomware attacks rising, administrators must find ways to prevent their schools from becoming the next victim, while preserving the integrity of the learning process.
Introducing the book: The Security Analyst’s Guide to Suricata
In this Help Net Security video interview, Eric Leblond, CTO at Stamus Networks, talks about The Security Analyst’s Guide to Suricata, a book he co-wrote with Peter Manev.
New infosec products of the week: November 25, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Solvo, Sonrai Security, and Spring Labs.