CISO View – The Week’s Best News – 2021.03.05

A Review of the Best News of the Week on Cybersecurity Management & Strategy

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails (Krebs on Security, Mar 02 2021)
Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

National Security Risks of Late-Stage Capitalism (Schneier on Security, Mar 01 2021)
Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including US government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.

Chinese Hackers Stole an NSA Windows Exploit in 2014 (Schneier on Security, Mar 04 2021)
“Check Point has evidence that (probably government affiliated) Chinese hackers stole and cloned an NSA Windows hacking tool years before (probably government affiliated) Russian hackers stole and then published the same tool. Here’s the timeline:

The timeline basically seems to be, according to Check Point…”


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn


Inside the Ransomware Economy (SecurityWeek, Mar 01 2021)
The trouble with ransomware is well known at this point.

SolarWinds blaming intern for leaked password is symptom of ‘security failures’ (SC Media, Mar 02 2021)
Infosec thought leaders say that blaming an intern ignores the true roots of the problem, including insufficient credentials policies and access management practices.

Should You Be Concerned About the Recently Leaked Spectre Exploits? (SecurityWeek, Mar 03 2021)
A researcher revealed on Monday that some exploits for the notorious CPU vulnerability known as Spectre were uploaded recently to the VirusTotal malware analysis service. While some experts say this could increase the risk of exploitation for malicious purposes, others believe there is no reason for concern.

Qualys Is the Latest Victim of Accellion Data Breach (Dark Reading, Mar 04 2021)
Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.

Intel Paid Out $800,000 Per Year Through Bug Bounty Program (SecurityWeek, Mar 03 2021)
Over 230 Vulnerabilities Patched in Intel Products in 2020. Intel patched 231 vulnerabilities in its products last year, roughly the same as in the previous year, when it fixed 236 flaws.

Three Top Russian Cybercrime Forums Hacked (Krebs on Security, Mar 04 2021)
Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums’ user databases, including email and Internet addresses and hashed passwords.

How Criminals Job Hunt on the Dark Web (Dark Reading, Mar 01 2021)
How’s your ‘Probiv’? How about customer service? Here’s how Dark Web forums connect cybercriminals looking for talent with those looking for work — and which skills are hot right now.

Building a Next-Generation SOC Starts With Holistic Operations (Dark Reading, Mar 01 2021)
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.

Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack (Dark Reading, Mar 01 2021)
Earnings report points to diversion of care during incident for financial loss.

Preparing for the Cybersecurity Maturity Model Certification onslaught (Help Net Security, Mar 02 2021)
For the Defense Industrial Base (DIB), the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) compliance requirement is the hot news topic of 2021. In fact, across the DIB market, CMMC compliance will probably stay a focus through at least 2025.

Policy Group Calls for Public-Private Cyber-Defense Program (Dark Reading, Mar 02 2021)
The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.

10 strategies small security teams can use for effective cybersecurity management (Help Net Security, Mar 03 2021)
As the challenges of smaller security teams are certainly different than with larger teams, these IT professionals must be more creative and pragmatic than their large enterprise counterparts, according to Cynet. In the past several years we have seen a rise in cybersecurity attacks on businesses of every size.

Intel: Paid Research Caught More Than 90% of Our Vulnerabilities (Dark Reading, Mar 03 2021)
Internal research and external bug-bounty programs combined to discover the vast majority of reported security issues in the company’s software.

Security starts with architecture (Help Net Security, Mar 04 2021)
The battle against hackers and threats is an arms race against highly motivated opponents, and with the number of attacks and threats continually growing, it’s impossible to achieve security by simply patching up a broken architecture with single, niche tools. The way security groups are typically structured to defend against and respond to threats is similarly flawed.

Women in Cyber: Workplace Equality Will Take a Decade (Infosecurity Magazine, Mar 04 2021)
CIISec argues sector risks stagnation without diversity drive

Microsoft, FireEye Uncover More Malware Used in the SolarWinds Campaign (Dark Reading, Mar 04 2021)
Newly discovered tools were designed for late-stage use after the attackers had already established a relatively firm presence on a breached network, vendors say.

Failure to Report Breach Costs Mortgage Lender $1.5m (Infosecurity Magazine, Mar 05 2021)
US mortgage company pays $1.5m to settle NYDFS Cybersecurity Regulation violation allegations

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn