Cloud adoption was already strong heading into 2020. According to a study by O’Reilly, 88% of businesses were using the cloud in some form in January 2020. The global pandemic just accelerated the move to SaaS tools. This seismic shift where businesses live day-to-day means a massive amount of business data is making its way into the cloud. All this data is absolutely critical for core business functions. However, it is all too often mistakenly … More
Confluera 2.0: Enhanced autonomous detection and response capabilities to protect cloud infrastructure Confluera XDR delivers a purpose-built cloud workload detection and response solution with the unique ability to deterministically track threats progressing through the environment. Confluera holistically integrates security signals from the environment to provide a complete attack narrative of a cyberattack in real-time, as opposed to showing isolated alerts. Aqua Security unveils Kubernetes-native security capabilities Aqua Security’s new Kubernetes security solution addresses the complexity … More
The post New infosec products of the week: October 30, 2020 appeared first on Help Net Security.
The number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record,” Risk Based Security reveals. “The quagmire that formed in the breach landscape this Spring has continued through the third quarter of the year,” commented Inga Goddijn, Executive VP at … More
The post Breaches down 51%, exposed records set new record with 36 billion so far appeared first on Help Net Security.
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle WebLogic is a Java EE application server that is part of Oracle’s Fusion Middleware portfolio and supports a variety of popular databases. These servers are often targeted by attackers, whether for cryptocurrency mining or as a way into other enterprise systems. About the vulnerability (CVE-2020-14882): CVE-2020-14882 may allow unauthenticated attackers with … More
The post Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882) appeared first on Help Net Security.
In the past few years, the use of automation in many spheres of cybersecurity has increased dramatically, but penetration testing has remained stubbornly immune to it. While crowdsourced security has evolved as an alternative to penetration testing in the past 10 years, it’s not based on automation but simply throwing more humans at a problem (and in the process, creating its own set of weaknesses). Recently though, tools that can be used to automate penetration … More
Connected devices are becoming more ingrained in our daily lives and the burgeoning IoT market is expected to grow to 41.6 billion devices by 2025. As a result of this rapid growth and adoption at the consumer and commercial level, hackers are infiltrating these devices and mounting destructive hacks that put sensitive information and even lives at risk. These attacks and potential dangers have kept security at top of mind for manufacturers, technology companies and … More
The post What the IoT Cybersecurity Improvement Act of 2020 means for the future of connected devices appeared first on Help Net Security.
Since the middle of the 20th century, commercial advertising and marketing techniques have made their way into the sphere of political campaigns. The tactics associated with surveillance capitalism – the commodification of personal data for profit as mastered by companies like Google and Facebook – have followed the same path. The race between competing political campaigns to out-collect, out-analyze and out-leverage voter data has raised concerns about the damaging effects it has on privacy and … More
The post Political campaigns adopt surveillance capitalism at their own peril appeared first on Help Net Security.
As the number one threat vector for most organizations, email continues to be widely used by cybercriminals to penetrate organizations in support of a wide variety of cyberattacks. Unlike other attack vectors, email enables cybercriminals to directly leverage humans in an effort to bypass security controls and facilitate attacks. A more comprehensive email security solution is needed—one that protects at the perimeter, inside the network and the organization, and beyond the perimeter. Mimecast’s Email Security … More
Healthcare delivery organizations (HDOs) have been busy increasing their network and systems security in the last year, though there is still much room for improvement, according to Forescout researchers. This is the good news: the percentage of devices running unsupported Windows operating systems fell from 71% in 2019 to 32% in 2020 and there have been improvements when it comes to timely patching and network segmentation. The bad news? Some network segmentation issues still crop … More
It’s safe to assume that we need to protect presidential election data, since it’s one of the most critical sets of information available. Not only does it ensure the legitimacy of elections and the democratic process, but also may contain personal information about voters. Given its value and sensitivity, it only makes sense that this data would be a target for cybercriminals looking for some notoriety – or a big ransom payment. In 2016, more … More
The post How to apply data protection best practices to the 2020 presidential election appeared first on Help Net Security.
The majority of applications contain at least one security flaw and fixing those flaws typically takes months, a Veracode report reveals. This year’s analysis of 130,000 applications found that it takes about six months for teams to close half the security flaws they find. The report also uncovered some best practices to significantly improve these fix rates. There are some factors that teams have a lot of control over, and those they have very little … More
The post 76% of applications have at least one security flaw appeared first on Help Net Security.
A report published last year has noted that most attacks against artificial intelligence (AI) systems are focused on manipulating them (e.g., influencing recommendation systems to favor specific content), but that new attacks using machine learning (ML) are within attackers’ capabilities. Microsoft now says that attacks on ML systems are on the uptick, and MITRE notes that, in the last three years, “major companies such as Google, Amazon, Microsoft, and Tesla, have had their … More
The post A new threat matrix outlines attacks against machine learning systems appeared first on Help Net Security.
Like most American businesses, middle market companies have been forced to rapidly implement a variety of work-from-home strategies to sustain productivity and keep employees safe during the COVID-19 pandemic. This shift, in most cases, was conducted with little chance for appropriate planning and due diligence. This is especially true in regard to the security and compliance of remote work solutions, such as new cloud platforms, remote access products and outsourced third parties. Many middle market … More
The post Work from home strategies leave many companies in regulatory limbo appeared first on Help Net Security.
Mark Sangster, VP and Industry Security Strategist at eSentire, is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations. In this interview, he discusses MDR services and the MDR market. What are the essential building blocks of a robust MDR service? Managed Detection and Response (MDR) must combine two elements. The first is an aperture that can collect … More
The post MDR service essentials: Market trends and what to look for appeared first on Help Net Security.
Organizations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh, a Neustar report reveals. Just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the threats their organization is facing at that moment. Few orgs basing decisions on near real-time data: With … More
The post Organizations struggle to obtain quality threat data to guide key security decisions appeared first on Help Net Security.
News of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released. Therapist session notes of some 300 patients have already been published on a Tor-accessible site on the dark web. Among the victims are Finnish politicians (e.g., Member of Parliament Eeva-Johanna Eloranta) and minors. What is known about the … More
The post Hackers breach psychotherapy center, use stolen health data to blackmail patients appeared first on Help Net Security.
Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways (SEGs), an Area 1 Security study reveals. How criminals bypass Office 365 defenses: Attackers increasingly use highly sophisticated, targeted campaigns like business email compromise to evade traditional email defenses, which are based on already-known threats. Attackers also often use Microsoft’s own tools and branding to bypass legacy defenses and email authentication … More
The post Attackers finding new ways to exploit and bypass Office 365 defenses appeared first on Help Net Security.
For better or for worse, the global COVID-19 pandemic has confined most of us to our own countries (our houses and apartments, even), has changed how and from where we do our work, and has restricted our social lives. The distractions and tools still available to help us battle our growing anxiety and sadness are few, but some of them, such as learning new things, are very powerful. Happily for all of us, many courses … More
The post HITBSecTrain: Cutting-edge virtual cyber security trainings on a monthly basis appeared first on Help Net Security.
Email attacks have moved past standard phishing and become more targeted over the years. In this article, I will focus on email impersonation attacks, outline why they are dangerous, and provide some tips to help individuals and organizations reduce their risk exposure to impersonation attacks. What are email impersonation attacks? Email impersonation attacks are malicious emails where scammers pretend to be a trusted entity to steal money and sensitive information from victims. The trusted entity … More
The post 5 tips to reduce the risk of email impersonation attacks appeared first on Help Net Security.
Deepwatch Lens Score: SecOps maturity planning and benchmarking Deepwatch Lens Score allows CISOs to quickly understand data source collection, active analytics, and what their Maturity Score is today and how to improve it. The powerful app is intuitive and delivers valuable data and insights to CISOs in a few minutes in the palm of their hand. Entrust launches direct-to-card solution for instant physical and mobile ID issuance Sigma systems deliver a seamless user experience across … More
The post New infosec products of the week: October 23, 2020 appeared first on Help Net Security.
2020 presented us with many surprises, but the world of data privacy somewhat bucked the trend. Many industry verticals suffered losses, uncertainty and closures, but the protection of individuals and their information continued to truck on. After many websites simply blocked access unless you accepted their cookies (now deemed unlawful), we received clarity on cookies from the European Data Protection Board (EDPB). With the ending of Privacy Shield, we witnessed the cessation of a legal … More
Security researcher Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, which could allow attackers to trick users into sharing sensitive information through legitimate-looking phishing sites. “With ever growing sophistication of spear phishing attacks, exploitation of browser-based vulnerabilities such as address bar spoofing may exacerbate the success of spear phishing attacks and hence prove to be very lethal,” he noted. “First and foremost, it is easy to persuade the victim into stealing … More
The post Safari, other mobile browsers affected by address bar spoofing flaws appeared first on Help Net Security.
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. “Most of the vulnerabilities […] can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access or for external web services, and … More
The post 25 vulnerabilities exploited by Chinese state-sponsored hackers appeared first on Help Net Security.
Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of security changes. The security model must transform as well. Moving to the cloud and staying secure: Most companies maintain a “castle, moat, and drawbridge” attitude to security. They put everything inside the “castle” (datacenter); establish a moat around it, with sharks and alligators, guns on turrets; … More
The post Moving to the cloud with a security-first, zero trust approach appeared first on Help Net Security.
Zerologon might have been cybersecurity’s perfect storm: that moment when multiple conditions collide to create a devastating disaster. Thanks to Secura and Microsoft’s rapid response, it wasn’t. Zerologon scored a perfect 10 CVSS score. Threats rating a perfect 10 are easy to execute and have deep-reaching impact. Fortunately, they aren’t frequent, especially in prominent software brands such as Windows. Still, organizations that perpetually lag when it comes to patching become prime targets for cybercriminals. Flaws … More
It’s time to change the way we think about cybersecurity and risk management. Cybersecurity is no longer an IT problem to solve or a “necessary evil” to cost manage. Rather, cybersecurity has rapidly stormed the boardroom as a result of high-profile and costly data breaches. Get the following insights from this webinar: recent events have changed our focus from protecting the perimeter; risk management is a formula based on the cost of an undesirable outcome … More
The post Webinar: How to think about cybersecurity the way executives think about business appeared first on Help Net Security.
The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an indictment against six hackers and alleged members on Monday. Sandworm Team attacks: “These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against, or otherwise destabilize: Ukraine; Georgia; elections in France; efforts to hold Russia accountable … More
The post US charges Sandworm hackers who mounted NotPetya, other high-profile attacks appeared first on Help Net Security.
We are beginning to shift away from what has long been our first and last line of defense: the password. It’s an exciting time. Since the beginning, passwords have aggravated people. Meanwhile, passwords have become the de facto first step in most attacks. Yet I can’t help but think, what will the consequences of our actions be? Intended and unintended consequences: Back when overhead cameras came to the express toll routes in Ontario, Canada, it … More
What is confidential computing? Can it strengthen enterprise security? Sam Lugani, Lead Security PMM, Google Workspace & GCP, answers these and other questions in this Help Net Security interview. How does confidential computing enhance the overall security of a complex enterprise architecture? We’ve all heard about encryption in-transit and at-rest, but as organizations prepare to move their workloads to the cloud, one of the biggest challenges they face is how to process sensitive data while … More
The post What is confidential computing? How can you use it? appeared first on Help Net Security.
SOCs across the globe are most concerned with advanced threat detection and are increasingly looking to next-gen automation tools like AI and ML technologies to proactively safeguard the enterprise, Micro Focus reveals. Growing deployment of next-gen tools and capabilities: The report’s findings show that over 93 percent of respondents employ AI and ML technologies with the leading goal of improving advanced threat detection capabilities, and that over 92 percent of respondents expect to use or … More
The post SecOps teams turn to next-gen automation tools to address security gaps appeared first on Help Net Security.
Microsoft and Adobe released out-of-band security updates for Visual Studio Code, the Windows Codecs Library, and Magento. All the updates fix vulnerabilities that could be exploited for remote code execution, but the good news is that none of them are being actively exploited by attackers (yet!). Microsoft’s updates: Microsoft has fixed CVE-2020-17023, a remote code execution vulnerability in Visual Studio Code, its free and extremely popular source-code editor that’s available for Windows, macOS and Linux. … More
The post Magento, Visual Studio Code users: You need to patch! appeared first on Help Net Security.
Vulnerability scanners can be a very useful addition to any development or operations process. Since typical vulnerability scanners need to detect vulnerabilities in deployed software, they are (generally) not dependent on the language or technology used for the application they are scanning. This often doesn’t make them the top choice for detecting a large number of vulnerabilities or even detecting fickle bugs or business logic issues, but makes them great and very common tools … More
The post Review: Netsparker Enterprise web application scanner appeared first on Help Net Security.
The importance of privacy and data protection is a critical issue for organizations as it transcends legal departments and moves to the forefront of an organization’s strategic priorities. FairWarning research, based on survey results from more than 550 global privacy and data protection, IT, and compliance professionals, outlines the characteristics and behaviors of advanced privacy and data protection teams. By examining the trends of privacy adoption and maturity across industries, the research uncovers adjustments that … More
The post Global adoption of data and privacy programs still maturing appeared first on Help Net Security.
Despite 88% of cybersecurity professionals believing automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles than their veteran counterparts, according to research by Exabeam. Overall, satisfaction levels continued a 3-year positive trend, with 96% of respondents indicating they are happy with their role and responsibilities and 87% reportedly pleased with their salary and earnings. Additionally, there was improvement in gender diversity with female respondents increasing from 9% … More
The post Most cybersecurity pros believe automation will make their jobs easier appeared first on Help Net Security.
Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance (NSA). Among those is CVE-2020-5135, a critical stack-based buffer overflow vulnerability in the appliances’ VPN Portal that could be exploited to cause denial of service and possibly remote code execution. About CVE-2020-5135: The SonicWall NSAs are next-generation firewall appliances, with a sandbox, an intrusion prevention system, SSL/TLS decryption and inspection capabilities, network-based malware protection, and VPN capabilities. CVE-2020-5135 was discovered by Nikita Abramov … More
The post Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135) appeared first on Help Net Security.
Exposures and cybersecurity challenges can turn out to be costly. According to statistics from the US Department of Health and Human Services (HHS), 861 breaches of protected health information have been reported over the last 24 months. New research from RiskRecon and the Cyentia Institute pinpointed risk in the third-party healthcare supply chain and showed that healthcare’s high exposure rate indicates that managing a comparatively small Internet footprint is a big challenge for many organizations in … More
The post New research shows risk in healthcare supply chain appeared first on Help Net Security.
Cyborg Security launches HUNTR platform to help orgs tackle cyber threats Cyborg Security’s HUNTR platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations what they need to evolve their security analysts into skilled hunters. Cloudflare One: A cloud-based network-as-a-service solution for the remote workforce As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of … More
The post New infosec products of the week: October 16, 2020 appeared first on Help Net Security.