A Review of the Best News of the Week on Cloud Security, DevOps, AppSec

Cloud Exposes SMBs to Attack as Human Error Grows (Infosecurity Magazine, May 19 2020)
Verizon’s annual Data Breach Investigations Report is compiled from an analysis of 32,002 security incidents and 3,950 confirmed breaches.

The report claimed that smaller businesses comprised just over a quarter (28%) of the total number of breaches.

However, more telling was the alignment of top breach-related threats: phishing came top for both SMBs and larger firms, with password dumper malware and stolen credentials featuring in the top four for both.

More than a fifth (20%) of attacks on SMBs were against web applications and involved the use of stolen credentials.

In fact, attacks against cloud-based data were on the up overall with web app threats doubling to 43%. Credential theft, errors and social attacks like phishing accounted for over two-thirds (67%) of breaches.

The Elementor Attacks: How Creative Hackers Combined Vulnerabilities to Take Over WordPress Sites (Wordfence, May 20 2020)
“we can release full details of the attack campaign and associated vulnerabilities. Today’s report includes details on how attackers were using a combination of two vulnerabilities to compromise sites. Now that the vendors have released fixes and the community has had time to update, we are releasing a video walkthrough of a site being exploited, and a full disclosure of all technical details of these vulnerabilities and the associated attack campaign.”

Cloud WAF Comparison Using Real-World Attacks (Medium, May 18 2020)
Are the cloud WAFs any good in blocking common web application attacks? We decided to find out and the results were surprising.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


As Businesses Rush to the Cloud, Security Teams Struggle to Keep Up (Dark Reading, May 14 2020)
Most organizations have a gap between current and planned cloud usage and the maturity of their cloud security programs.

Shiny new Azure login attracts shiny new phishing attacks (Naked Security – Sophos, May 18 2020)
Admins working with Microsoft Azure beware: phishers are updating their assets to reflect changes on the company’s cloud-based login screen.

As DevOps Accelerates, Security’s Role Changes (Dark Reading, May 18 2020)
There remains a disconnect between developers and security teams, with uncertainty around who should handle software security.

With increased DevOps adoption, roles in software development teams are changing (Help Net Security, May 20 2020)
Roles across software development teams have changed as more teams adopt DevOps, according to GitLab. The survey of over 3,650 respondents from 21 countries worldwide found that rising rates of DevOps adoption and implementation of new tools have led to sweeping changes in job functions, tool choices and organization charts within developer, security and operations teams.

This Service Helps Malware Authors Fix Flaws in their Code (Krebs on Security, May 18 2020)
“Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.”

Unpatched Open Source Libraries Leave 71% of Apps Vulnerable (Dark Reading, May 19 2020)
PHP and JavaScript developers need to pay close attention because different languages and frameworks have different rates of vulnerability, research finds.

Remote Code Execution Vulnerability Patched in VMware Cloud Director (SecurityWeek, May 20 2020)
VMware informed customers on Tuesday that it has patched a high-severity remote code execution vulnerability in its Cloud Director product.