Here’s a summary of the most interesting news, articles, interviews and videos from the past week.
Key elements for a successful cyber risk management strategy
In this Help Net Security interview, Yoav Nathaniel, CEO of Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovers common mistakes, and highlights key components for successful risk resolution.
The CISO’s critical role in aligning security goals with corporate expectations
In this Help Net Security interview, Gartner Vice President and Analyst Chris Mixter talks about the dynamic world of the CISO and how the role has evolved significantly over the years.
Ransomware negotiations: When cybersecurity and crisis management go hand in hand
In this Help Net Security interview, Tim Morris, Chief Security Advisor at Tanium, talks about negotiating ransomware, how it typically unfolds, and what organizations should do, when they should do it, and who should do it. He also discusses how organizations should have a strategy that clearly outlines what will be notified and who will be notified: notifying the board, who speaks to the press, etc.
Adalanche: Open source Active Directory ACL visualizer and explorer
Adalanche provides instant insight into the permissions of users and groups in Active Directory.
Tsurugi Linux: Tailor the user experience for digital forensics and OSINT investigations
Tsurugi Linux is a heavily customized open source distribution focused on supporting DFIR investigations.
Skytrack: an open source aircraft reconnaissance tool
Skytrack is an open source command line tool for aircraft discovery and aircraft OSINT reconnaissance.
Powerful information stealer exploits a bug in Windows SmartScreen (CVE-2023-36025)
The vulnerability that Microsoft fixed in November 2023 (CVE-2023-36025) continues to be exploited by malware sellers. This threat is a variant of Phemedrone Stealer.
1,700 Ivanti VPN devices were compromised. Are yours among them?
Over 1,700 Ivanti Connect Secure VPN devices worldwide were compromised by attackers leveraging two zero-days with no currently available patches.
Atlassian reveals critical Confluence RCE flaw and urges “immediate action” (CVE-2023-22527)
Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could allow remote code execution.
Google fixes actively exploited Chrome zero-day (CVE-2024-0519)
In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including a zero-day (CVE-2024-0519) with an existing exploit.
VMware: Close critical holes in Aria Automation immediately (CVE-2023-34063)
A critical vulnerability (CVE-2023-34063) affecting VMware Aria Automation and VMware Cloud Foundation could be exploited by attackers to gain access to remote organizations and workflows, VMware has warned.
Poorly secured PostgreSQL, MySQL servers targeted by ransomware bots
Users who put poorly secured PostgreSQL and MySQL servers online are at risk of having their databases wiped out by ransomware bots, Border0 researchers have warned.
Juniper fixes critical RCE in SRX firewalls and EX switches (CVE-2024-21591)
Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches.
The right strategy for effective cybersecurity awareness
Employees play a critical role in protecting organizational assets. With the threat landscape constantly evolving, cybersecurity awareness training is an essential part of building a good security culture.
CISA confirms Ivanti EPMM and MobileIron Core vulnerabilities are being actively exploited (CVE-2023-35082)
A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
The power of AI in cybersecurity
The widespread adoption of artificial intelligence (AI), particularly generative AI (GenAI), has revolutionized the organizational landscape and transformed both the cyber threat landscape and cybersecurity.
Flipping the BEC Funnel: Phishing in the Age of GenAI
In addition to implementing the right AI security tools, every CISO should prioritize security awareness training and phishing simulation testing.
Prevent insider access from being leaked to malicious actors
In this Help Net Security video, Gutsy CTO John Morello explains an often overlooked aspect of cybersecurity: the offboarding process.
10 Cybersecurity Frameworks You Should Know
As cyber threats become more sophisticated, understanding and implementing a robust cybersecurity framework is critical for organizations of all sizes.
3 ways to combat the rise of OAuth SaaS attacks
OAuth integrations are used to improve workflows, add functionality, and improve the usability of the original application. However, when deployed by threat actors, they can be extremely dangerous and difficult to detect.
Best practices to reduce alert fatigue
In this Help Net Security video, Peter Manev, chief strategy officer at Stamus Networks, discusses a widespread problem plaguing security analysts called “alert fatigue.” This happens when security teams become desensitized to an overwhelming amount of alerts and miss or overlook them. As a result, important events are missed and response times are slow.
Kaspersky releases utility to detect iOS spyware infections
Kaspersky researchers have developed lightweight software that detects signs of infection from advanced iOS spyware such as NSO Group’s Pegasus, QuaDream’s Reign, and Intellexa’s Predator by analyzing log files created on iOS devices.
Security considerations during layoffs: Advice from MSSPs
One of the first decisions an organization should make before committing to layoffs is determining how transparent it will be about the termination process for affected employees.
Attribute-based encryption could put an end to data leaks
The future of data privacy is the end of breaches. The world is generating data at an alarming rate, so you need a way to get the most out of it while preventing breaches and ensuring privacy, data protection, and access control.
Out with the old, in with the improved: MFA needs a makeover
One of the key areas where cyber protection will continue to evolve in 2024 is multi-factor authentication (MFA).
This week’s new information security products: January 19, 2024
Here are the most interesting products of the past week, featuring releases from Living Security, Skopenow, Skyhigh Security, and Wing Security.