Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Windows Server 2025 gets hotpatching option, without reboots
Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes.

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)
Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public.

MFA bypass becomes a critical security issue as ransomware tactics advance
Ransomware is seen as the biggest cybersecurity threat across every industry, with 75% of organizations affected by ransomware more than once in the past 12 months – a jump from 61% in 2023, according to SpyCloud.

Developing an effective cyberwarfare response plan
In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication.

Active Directory compromise: Cybersecurity agencies provide guidance
Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost a standard step in cyber intrusions.

Compliance management strategies for protecting data in complex regulatory environments
In this Help Net Security interview, Andrius Buinovskis, Head of Product at NordLayer, discusses how organizations can assess their compliance management and ensure they meet regulatory requirements.

The number of Android memory safety vulnerabilities has tumbled, and here’s why
Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety vulnerabilities, despite old code (written in C/C++) not having been rewritten.

Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs).

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)
CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers.

Future-proofing cybersecurity: Why talent development is key
In this Help Net Security interview, Jon France, CISO at ISC2, discusses cybersecurity workforce growth.

Transportation, logistics companies targeted with lures impersonating fleet management software
Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick.

Offensive cyber operations are more than just attacks
In this Help Net Security interview, Christopher Jones, Chief Technology Officer and Chief Data Officer at Nightwing, talks about some key misconceptions and complexities surrounding offensive cyber operations.

US-based Kaspersky users startled by unexpected UltraAV installation
A poorly executed “handover” of US-based Kaspersky customers has led some users to panic when software named UltraAV popped up on their computers without any action on their part.

Tosint: Open-source Telegram OSINT tool
Tosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, investigators, and others who want to gather insights from Telegram sources.

Telegram will share IP addresses, phone numbers of criminal suspects with cops
Telegram will start handing over the IP addresses and phone numbers of users who violate its Terms of Service “to relevant authorities in response to valid legal requests”, Telegram founder and CEO Pavel Durov announced on Monday.

NetAlertX: Open-source Wi-Fi intruder detector
NetAlertX is an open-source Wi-Fi/LAN intruder detection tool that scans your network for connected devices and alerts you when new or unknown devices are detected.

Organizations are changing cybersecurity providers in wake of CrowdStrike outage
More often than not, a cyber attack or a cyber incident that results in business disruption will spur organizations to make changes to improve their cybersecurity and cyber resilience – and sometimes that means changing cybersecurity providers.

Certainly: Open-source offensive security toolkit
Certainly is an open-source offensive security toolkit designed to capture extensive traffic across various network protocols in bit-flip and typosquatting scenarios.

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE
After much hype, and following information prematurely leaked by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to achieve code execution on vulnerable Linux and Unix-like systems.

3 tips for securing IoT devices in a connected world
An effective, comprehensive approach to IoT security requires organizations to have complete visibility into all connected devices within their network, addressing common vulnerabilities such as built-in backdoors and outdated firmware, alongside ensuring secure deployment practices.

Rethinking privacy: A tech expert’s perspective
In this Help Net Security video, Dr. Micah Altman, lead co-author of the TechBrief on Data Privacy Protection and Research Scientist at the Center for Research on Equitable and Open Scholarship at MIT, discusses protecting data privacy.

How cyber compliance helps minimize the risk of ransomware infections
Over the past decade, ransomware has been cemented as one of the top cybersecurity threats. In 2023 alone, the FBI received 2,385 ransomware complaints, resulting in over $34 million in losses.

AI use: 3 essential questions every CISO must ask
While AI has driven significant investment and optimism, there is growing concern that its capabilities may have been overhyped.

The surge in cyber insurance and what it means for your business
The cyber insurance market is set for explosive growth as organizations increasingly seek financial protection against rising cyber threats.

65% of websites are unprotected against simple bot attacks
Companies across industries are seeing more bot-driven attacks, both basic and advanced, according to DataDome.

How to lock and hide iPhone apps in iOS 18
iOS 18 allows you to lock and hide apps to protect the information within them by requiring Face ID, Touch ID, or your passcode for access, while also concealing the content from searches, notifications, and various areas throughout the system.

Cybersecurity jobs available right now: September 25, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Discover how online fraud can impact your business
Recent reports underscore increased fraud losses driven by both old methods and new technologies.

New infosec products of the week: September 27, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Absolute, ArmorCode, Bitdefender, Guardsquare, Malwarebytes, NETGEAR, and Nudge Security.
