Week in review: Costliest cybersecurity failures, DNS hijacking protection, AWS security automation

Here’s an overview of some of last week’s most interesting news, interviews and articles: Cisco patches critical, wormable RCE flaw in Cisco Jabber[1]
Cisco has patched four vulnerabilities in its Jabber client for Windows, the most critical of which (CVE-2020-3495) could allow attackers to achieve remote code execution by sending specially crafted chat messages. September 2020 Patch Tuesday forecast: Back to school?[2]
Another month has passed working from home and September Patch Tuesday is upon us.

For most of us here in the US, September usually signals back to school for our children and with that comes a huge increase in traffic on our highways. But I suspect with the big push for remote learning from home, those of us in IT may be more worried about the increase in network traffic. So, should we expect a large number of updates this Patch Tuesday that will bog down our networks?

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?[3]
Massachusetts Institute of Technology (MIT) scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors or damaging their own reputation. Microsoft builds deepfakes detection tool to combat election disinformation[4]
Microsoft has developed a deepfakes detection tool to help news publishers and political campaigns, as well as technology to help content creators “mark” their images and videos in a way that will show if the content has been manipulated post-creation. Five critical cloud security challenges and how to overcome them[5]
Today’s organizations desire the accessibility and flexibility of the cloud, yet these benefits ultimately mean little if you’re not operating securely.

One misconfigured server and your company may be looking at financial or reputational damage that takes years to overcome. Companies continue to expose unsafe network services to the internet[6]
33% of companies within the digital supply chain expose common network services such as data storage, remote access and network administration to the internet, according to RiskRecon. In addition, organizations that expose unsafe services to the internet also exhibit more critical security findings.

Safe domain: How to protect your enterprise from DNS hijacking[7]
When users type in or click on a domain name, they typically assume that they are going to the site that they want to go to. But if a successful DNS hijacking attack has been executed, cybercriminals can take the user to a completely different – and dangerous – web space. How to drive business value through balanced development automation[8]
Aligning security and delivery at a strategic level is one of the most complex challenges for executives.

It starts with an understanding that risk-based thinking should not be perceived as an overhead or tax, but a value added component of creating a high-quality product or service. Essential features of security automation for the AWS platform[9]
A common security problem in AWS is an open S3 storage bucket where data is publicly readable on the Internet. Despite the default configuration of S3 buckets being private, it’s fairly easy for developers to change policies to be open and for that permission change to apply in a nested fashion.

A security automation tool should be able to find and identify this insecure configuration and simply disable public access to the resource without requiring human intervention. RedCommander: Open source tool for red teaming exercises[10]
GuidePoint Security released a new open source tool that enables a red team to easily build out the necessary infrastructure. Apple-notarized malware foils macOS defenses[11]
Shlayer adware creators have found a way to get their malicious payload notarized by Apple, allowing it to bypass anti-malware checks performed by macOS before installing any software.
Organizations facing surge in phishing attacks since the start of the pandemic[12]
The frequency of phishing threats has risen considerably since the pandemic started, with companies experiencing an average of 1,185 attacks every month, according to a survey from GreatHorn.

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers[13]
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. Security teams stretched to breaking point trying to secure new remote working regimes[14]
The cybersecurity skills shortage means that many organizations are in urgent need of talented and experienced security professionals. This has been intensified by the pandemic, with security teams stretched to breaking point trying to secure new remote working regimes against the influx of opportunistic cyberattacks.

Mobile voting: Hype or reality?[15]
For most of us, voting by anything other than a paper ballot or a voting machine is a foreign concept. Due to the pandemic and shelter in place restrictions, various alternatives have been considered this year — in particular, voting via our mobile devices. Phishing gangs mounting high-ticket BEC attacks, average loss now £80,000[16]
Companies are losing money to criminals who are launching Business Email Compromise (BEC) attacks as a more remunerative line of business than retail-accounts phishing, APWG reveals.

Private, unlicensed 5G mobile network adoption may intensify NetOps and SecOps challenges[17]
While 5G sometimes seems like the panacea for just about everything, it will likely intensify the already common friction between NetOps and SecOps teams that will take part in deployments and operations of the 5G mobile network. Besides faster speeds, lower latency, greater coverage and ultra-reliable mobile services across new radio spectrums, 5G brings tectonic changes in mobile architecture and enables totally novel applications with highly complex requirements. Surging CMS attacks keep SQL injections on the radar during the next normal[18]
This year, cyberattacks have been on the rise during the pandemic, leaving businesses to wonder whether or not things will settle down whenever the COVID-19 situation begins to wane, or if this is the next normal for the indefinite future.

Why data is the missing link in your cybersecurity strategy[19]
When evaluating cyber security risks to the organization, we’re typically looking at users, devices and IoT devices as possible ways into the infrastructure. And yet it’s not these people and things attackers are really interested in – it’s the data. Qualys Multi-Vector EDR: Protection across the entire threat lifecycle[20]
In this interview, Sumedh Thakar, President and Chief Product Officer, illustrates how Qualys fills the gaps by introducing a new multi-vector approach and the unifying power of its Cloud Platform to EDR, providing essential context and visibility to the entire attack chain.

(ISC)? research: Why cybersecurity is a great choice for an exciting career[21]
Organizations from all industries and sectors are all seeking skilled security staff. Every role within IT has a cybersecurity aspect. Focusing on security as your primary role opens up a world of options.

Live webinar: XDR and beyond[22]
Anyone paying attention to the cybersecurity technology market has heard the term XDR – Extended Detection and Response.

It’s a new technology approach that combines multiple protection technologies into a single platform.

References

  1. ^ Cisco patches critical, wormable RCE flaw in Cisco Jabber (www.helpnetsecurity.com)
  2. ^ September 2020 Patch Tuesday forecast: Back to school? (www.helpnetsecurity.com)
  3. ^ Which cybersecurity failures cost companies the most and which defenses have the highest ROI? (www.helpnetsecurity.com)
  4. ^ Microsoft builds deepfakes detection tool to combat election disinformation (www.helpnetsecurity.com)
  5. ^ Five critical cloud security challenges and how to overcome them (www.helpnetsecurity.com)
  6. ^ Companies continue to expose unsafe network services to the internet (www.helpnetsecurity.com)
  7. ^ Safe domain: How to protect your enterprise from DNS hijacking (www.helpnetsecurity.com)
  8. ^ How to drive business value through balanced development automation (www.helpnetsecurity.com)
  9. ^ Essential features of security automation for the AWS platform (www.helpnetsecurity.com)
  10. ^ RedCommander: Open source tool for red teaming exercises (www.helpnetsecurity.com)
  11. ^ Apple-notarized malware foils macOS defenses (www.helpnetsecurity.com)
  12. ^ Organizations facing surge in phishing attacks since the start of the pandemic (www.helpnetsecurity.com)
  13. ^ Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers (www.helpnetsecurity.com)
  14. ^ Security teams stretched to breaking point trying to secure new remote working regimes (www.helpnetsecurity.com)
  15. ^ Mobile voting: Hype or reality? (www.helpnetsecurity.com)
  16. ^ Phishing gangs mounting high-ticket BEC attacks, average loss now £80,000 (www.helpnetsecurity.com)
  17. ^ Private, unlicensed 5G mobile network adoption may intensify NetOps and SecOps challenges (www.helpnetsecurity.com)
  18. ^ Surging CMS attacks keep SQL injections on the radar during the next normal (www.helpnetsecurity.com)
  19. ^ Why data is the missing link in your cybersecurity strategy (www.helpnetsecurity.com)
  20. ^ Qualys Multi-Vector EDR: Protection across the entire threat lifecycle (www.helpnetsecurity.com)
  21. ^ (ISC)? research: Why cybersecurity is a great choice for an exciting career (www.helpnetsecurity.com)
  22. ^ Live webinar: XDR and beyond (www.helpnetsecurity.com)

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *