Here’s a summary of the most interesting news, articles, interviews and videos from the past week.
Social engineer reveals effective tricks against real-world infiltration
In this Help Net Security interview, Jayson E. Street, Secure Yeti’s Chief Adversary Officer, discusses the interesting aspects of social engineering and unconventional methods for gathering target information.
Understand the philosophy and principles of Zero Trust design
In this Help Net Security interview, Phil Vachon, head of infrastructure in the Bloomberg Office of the CTO, discusses the various definitions of zero trust among security professionals and enterprises and highlights its broad design philosophy.
Adopt an offensive cybersecurity strategy to defend against dynamic threats
In this edition of Help Net Security, Alexander Hagenah, Head of Cyber Control at SIX, explains the key steps to creating an effective offensive security operation and how it impacts your organization’s security strategy.
AuthLogParser: Open source tool for analyzing Linux authentication logs
AuthLogParser is an open-source digital forensics and incident response tool specifically created to analyze Linux authentication logs (auth.log).
Protect AI systems from evasion, poisoning, and abuse
Adversaries can intentionally mislead or “poison” AI systems to cause them to malfunction, but developers have yet to find a reliable defense against this. NIST researchers and their partners highlight these AI and machine learning vulnerabilities in their latest publication.
Fly Catcher: Monitors malicious signals to detect aircraft spoofing
Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring malicious ADS-B signals on the 1090MHz frequency.
A critical flaw in GitLab allows account takeover without user interaction. Please apply the patch immediately. (CVE-2023-7028)
A critical vulnerability in GitLab CE/EE (CVE-2023-7028) could be easily exploited by an attacker to reset the password of a GitLab user account.
‘Security researchers’ suggest deleting data stolen by ransomware attackers
Even if your organization falls victim to ransomware and pays the criminals to decrypt your encrypted data and delete the stolen data, you can never be completely sure that the criminals will do what they promise.
Attackers could exploit vulnerabilities in Bosch Rexroth’s nutrunner to disrupt car production
Researchers discovered more than 20 vulnerabilities in “smart” cordless nutrunners (i.e., pneumatic torque wrenches) made by Bosch Rexroth. Exploitation of these vulnerabilities could result in an inoperable device or unreliable output.
Microsoft fixes critical flaw in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)
For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities. Two of them are critical: CVE-2024-20674 and CVE-2024-20700.
SEC’s X account was hacked and posted fake news of Bitcoin ETF approval
Someone took over the X (formerly Twitter) account of the U.S. Securities and Exchange Commission (SEC) and posted an announcement saying that the commission had decided to allow Bitcoin ETFs (exchange-traded funds) to be listed on registered national securities exchanges.
Ivanti Connect Secure zero-day exploited by attackers (CVE-2023-46805, CVE-2024-21887)
Volexity researchers discovered that two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are being actively exploited by unknown attackers.
Review: Engineering-Grade OT Security: An Administrator’s Guide
In this book, the author tries to answer the question: “How much is enough?” He explains that the answer actually lies in the compromises that “drive the decision-making process.”
Cacti SQLi vulnerability could lead to RCE (CVE-2023-51448)
A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely used network monitoring, performance, and fault management framework, could lead to information disclosure or remote code execution.
Hackers target exposed MS SQL servers with Mimic ransomware
Hackers are distributing Mimic ransomware by brute-forcing exposed MS SQL database servers, Securonix researchers have warned.
A critical flaw in Cisco Unity Connection could give an attacker root privileges. Patch now! (CVE-2024-20272)
Cisco has fixed a critical vulnerability in Cisco Unity Connection (CVE-2024-20272) that could allow an unauthenticated attacker to upload arbitrary files and gain root privileges on an affected system.
Data security incidents don’t pose an existential threat if you’re prepared.
When a company becomes aware of a potential data security incident, the team working on it (as well as any other team that realizes that “something” is going on) is immediately gripped by an overwhelming feeling that the company is doomed. Why do they feel this way?
Top AppSec predictions for 2024
In this Help Net Security video, Backslash Security CEO Shahar Man presents his top 3 AppSec predictions for 2024 and reveals future trends.
Researchers develop technology to prevent software bugs
A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method to automatically generate global proofs that can be used to prevent software bugs and verify that the underlying code is correct.
Key LLM vulnerabilities and how to mitigate their associated risks
As large language models (LLMs) become more prevalent, it remains difficult to comprehensively understand the LLM threat landscape.
The growing challenge of cyber risk in the era of synthetic media
In this Help Net Security video, Mike Bechtel, Chief Futurist at Deloitte, discusses the digital risks of cyberattacks due to the proliferation of AI-generated content and synthetic media in the digital environment.
The role of purple teaming and threat classification
Organizations are constantly working to ensure optimal threat detection and prevention across their systems. The question we keep getting asked is, “Can we detect the threats we’re supposed to detect?”
Fundamental forces in your 2024 cybersecurity strategy
In this Help Net Security video, Nick Carroll, Cyber Incident Response Manager at Raytheon, explains how organizations, trying to keep pace with attackers, are being forced to strengthen their defenses faster than cyber threats evolve. He explains how this hasty “reversal” can often lead to problems, which stem from harmful practices in which organizations ignore the basic fundamentals of cyber defense and fail to establish general cyber awareness within the enterprise.
Akira ransomware attacker wipes NAS and tape backups
The attackers identified and targeted organizations with vulnerable Internet-connected Cisco ASA or FTD devices, and located and wiped the target organizations’ backups before deploying the ransomware.
Cloud security predictions for 2024
Looking back at the cybersecurity landscape and threat vector trajectory, it is clear that we are on the cusp of a paradigm shift in cloud security.
The scope of CISO duties will expand in 2024
In this Help Net Security video, AT&T Director of Cybersecurity Bindu Sundaresan discusses the continued changes we’re seeing from the CISO role as digital transformation efforts progress.
2024 Cyber Budget and VC Status
In this Help Net Security video, Marcus Bartram, general partner at Telstra Ventures, shares his cybersecurity predictions for 2024.
Accelerate essential cyber hygiene for small and medium-sized businesses
Do you think you’re too small to experience a cyber attack? That’s not true. In fact, cyber threat actors (CTAs) are increasingly targeting small and medium-sized businesses. If successful, their attack could be devastating.
New Information Security Products of the Week: January 12, 2024
Here are the most interesting products of the past week, featuring releases from Critical Start, Dasera, ID R&D, and SpecterOps.