Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices.
September 2024 Patch Tuesday forecast: Downgrade is the new exploit
Microsoft confirmed several reported issues throughout the month about the August updates. They added a comment to KB5041578 for Server 2019 noting that after installing the August update you can experience slowdowns, unresponsiveness, and high CPU usage.
Complying with PCI DSS requirements by 2025
Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and payment processes have changed.
Exposed: Russian military Unit 29155 does digital sabotage, espionage
Unit 29155 (aka Cadet Blizzard, aka Ember Bear) are “junior active-duty GRU officers under the direction of experienced Unit 29155 leadership”, but they are also aided by known (Russian) cyber-criminals.
Protecting national interests: Balancing cybersecurity and operational realities
With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond Blue, discusses the current state of cybersecurity readiness and resilience.
How ransomware tactics are shifting, and what it means for your business
In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting structures, and a fragmented ecosystem.
OpenBAS: Open-source breach and attack simulation platform
OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations.
Cybersecurity jobs available right now: September 4, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
Respotter: Open-source Responder honeypot
Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment.
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sending a specially crafted cookie to the vulnerable devices.
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution.
Microchip Technology confirms theft of employee data
US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.”
The future of automotive cybersecurity: Treating vehicles as endpoints
The automotive industry is facing many of the same cybersecurity risks and threats that successful organizations in other sectors are up against, but it’s also battling some distinct ones.
North Korean hackers’ social engineering tricks
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement.
Transport for London is dealing with a cyber security incident
Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they “are currently dealing with an ongoing cyber security incident.”
Human firewalls are essential to keeping SaaS environments safe
Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, Jira, Zendesk and others.
A third of organizations suffered a SaaS data breach this year
Changes required for SaaS security often take a backseat to business goals, even as business unit heads need to gain the knowledge to implement security controls.
Enterprise DSPM for Fortune 500 – 1touch.io is your go-to solution
In this Help Net Security video, Jesse Sedler, VP of Product at 1touch.io, provides a compelling overview of the company’s innovative data security posture management solutions.
How to gamify cybersecurity preparedness
Organizations’ preparedness and resilience against threats isn’t keeping pace with cybercriminals’ advancements
Ransomware attacks escalate as critical sectors struggle to keep up
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing.
The attack with many names: SMS Toll Fraud
Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, discusses how to spot and stop them.
Damn Vulnerable UEFI: Simulate real-world firmware attacks
Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities.
Keeping up with automated threats is becoming harder
98% of organizations attacked by bots in the past year lost revenue as a result, according to Kasada.
Managing low-code/no-code security risks
A prime candidate for inclusion under the CTEM umbrella is software created in low-code/ no-code (LCNC) and robotic process automation (RPA) environments.
The true cost of cybercrime for your business
As cybercriminals continue to refine their methods, blending traditional strategies with new technologies, the financial toll on individuals and organizations has reached alarming levels.
Infosec products of the month: August 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own, Rapid7, Resecurity, Rezonate, RightCrowd, Stellar, Veza, Wallarm, and Wing Security.
New infosec products of the week: September 6, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Binarly, Bitdefender, Prompt Security, Revenera, Skyhigh Security, and Vanta.