Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the wild.

Attackers deploying red teaming tool for EDR evasion
Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed.

GhostStrike: Open-source tool for ethical hacking
GhostStrike is an open-source, advanced cybersecurity tool tailored for ethical hacking and Red Team operations.

The role of compromised cyber-physical devices in modern cyberattacks
Fyodor Yarochkin, Senior Threat Solution Architect with Trend Micro, believes that getting a better understanding of attackers’ infrastructure leads to a better understanding of the attackers themselves.

Israeli orgs targeted with wiper malware via ESET-branded emails
Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email.

How NIS2 will impact sectors from healthcare to energy
In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security.

Arrested: USDoD, Anonymous Sudan, SEC X account hacker
Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC’s X (Twitter) account.

Strengthening Kubernetes security posture with these essential steps
In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through deployment. He focuses on best practices, automation, and continuous monitoring.

Fake Google Meet pages deliver infostealers
Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware.

Microsoft lost some customers’ cloud security logs
The preliminary post incident review says that the cause was a bug in the internal monitoring agent that was triggered when a fix for a bug in the log collection service was rolled out.

How nation-states exploit political instability to launch cyber operations
In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on the frequency and sophistication of cyberattacks.

Defenders must adapt to shrinking exploitation timelines
A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 and 2022.

CISOs’ strategies for managing a growing attack surface
In this Help Net Security interview, Rickard Carlsson, CEO at Detectify, discusses the evolution of attack surface management in the context of remote work and digital transformation.

Resilience over reliance: Preparing for IT failures in an unpredictable digital world
No IT system, no matter how advanced, is completely immune to failure. The promise of a digital ring of steel may sound attractive, but can it protect you against hardware malfunctions? Software bugs? Unexpected environmental conditions? Cybersecurity threats? Human error? And that’s just for starters.

MongoDB Queryable Encryption now supports range queries on encrypted data
MongoDB Queryable Encryption allows customers to securely encrypt sensitive application data and store it in an encrypted format within the MongoDB database.

AI data collection under fire
In this Help Net Security video, James Blake, Global Head of Cyber Resiliency GTM Strategy at Cohesity, discusses the issues related to AI data collection.

CISSP and CompTIA Security+ lead as most desired security credentials
33.9% of tech professionals report a shortage of AI security skills, particularly around emerging vulnerabilities like prompt injection, according to O’Reilly.

The NHI management challenge: When employees leave
For each non-human identity in an enterprise, an average of 92 non-human identities (NHIs) are created. When employees exit, NHIs can become unmanaged, and in many cases, exposed to exploitation.

The dark side of API security
In this Help Net Security video, Lori MacVittie, a Distinguished Engineer at F5, discusses the current state of API security.

Android 15 unveils new security features to protect sensitive data
Android 15 brings enhanced security features to protect your sensitive health, financial, and personal data from theft and fraud. It also introduces productivity improvements for large-screen devices and updates to apps like the camera, messaging, and passkeys.

The quantum dilemma: Game-changer or game-ender
If someone told you five years ago that you could pose questions to an AI agent about the most vexing issues in science and it could answer back swiftly and meaningfully, you would’ve thought they were joking. But AI has ushered in this reality. The same holds true for quantum computing.

Data breaches trigger increase in cyber insurance claims
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents, according to Allianz.

CIOs want a platform that combines AI, networking, and security
While AI has captured the attention of the technology industry, the majority of CIOs and senior IT leaders are primarily focused on the convergence of networking and security, according to Extreme Networks.

Breaking down the numbers: Q3 2024 cybersecurity funding activity recap
We present a list of selected cybersecurity companies that received funding during the third quarter of 2024 (Q3 2024).

How to create verification codes in Apple Passwords app
Starting with iOS 18, iPadOS 18, macOS Sequoia, and visionOS 2, the Apple Passwords app enables you to manage your passwords, passkeys, and verification codes.

What to do if your iPhone or Android smartphone gets stolen?
A lost, stolen, or compromised smartphone today means we are in serious trouble. Most people have everything related to their personal and professional lives stored on their phones, a fact that criminals are well aware of.

Cybersecurity jobs available right now: October 16, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Product showcase: Secure and scale your network with NordLayer’s advanced security solutions
NordLayer offers a sophisticated, scalable solution designed for businesses that require high-level protection without sacrificing flexibility.

New infosec products of the week: October 18, 2024
Here’s a look at the most interesting products from the past week, featuring releases from ExtraHop, GitGuardian, Nametag, Okta, Rubrik, and Sectigo.
