A Review of the Best News of the Week on Cyber Threats & Defense
No Two REvil Attacks Are the Same, Experts Warn (Infosecurity Magazine, Jun 15 2021)
The ransomware affiliate model drives a challenging variety of threats for defenders to tackle
NSA Releases Guidance for Securing Enterprise Communication Systems (SecurityWeek, Jun 18 2021)
The NSA on Thursday released guidance to help organizations secure their communication systems, specifically Unified Communications (UC) and Voice and Video over IP (VVoIP).
UC and VVoIP are call-processing systems that are used for communications and collaboration by many enterprises, including government agencies and their contractors.
Google Confirms Sixth Zero-Day Chrome Attack in 2021 (SecurityWeek, Jun 17 2021)
Google’s ongoing struggles with in-the-wild zero-day attacks against its flagship Chrome browser isn’t going away anytime soon.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Cyber criminals are targeting digital artists (Help Net Security, Jun 15 2021)
Cyber criminals looking for a quick payout and valuables are targeting digital artists using NFTs (non-fungible tokens), warns security researcher Bart Blaze. The attackers are taking advantage of the artists’ desire to work and earn money to trick them into downloading information-stealing malware that will help them raid their crypto wallets and break into their various online accounts (email, IM, gaming, banking, etc.).
Why XSS is still an XXL issue in 2021 (Help Net Security, Jun 15 2021)
Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a significant infosec problem, XSS attacks have remained a constant of the OWASP Top 10 Web Application Security Risks year after year and still make headlines.
VPN attacks up nearly 2000% as companies embrace a hybrid workplace (Help Net Security, Jun 15 2021)
Nuspire released a report which outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from Recorded Future. “As companies return to a hybrid workplace, it’s crucial that they are aware of the evolving threat landscape,” said Craig Robinson, Program Director, Security Services at IDC.
Most Federal Credit Unions Lack Strong Email Security Set Ups (SecurityWeek, Jun 14 2021)
Financial institutions have always been at the forefront of battling cybercrime. As one of the most targeted industries, they face multiple threats, such as phishing, spear phishing and banking malware.
Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet (Dark Reading, Jun 15 2021)
Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.
How to secure data one firewall at a time (Help Net Security, Jun 16 2021)
The need for secure data access management is top-of-mind in the C-suite and boardroom. The question I keep hearing from IT departments is how to do it right, that is, how to ensure security and governance without frustrating users or slowing innovation.
Attackers Find New Way to Exploit Google Docs for Phishing (Dark Reading, Jun 18 2021)
Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content.
Researcher Finds Several Vulnerabilities in Cisco Small Business Switches (SecurityWeek, Jun 18 2021)
A researcher has identified several vulnerabilities, including ones that have been rated high severity, in Cisco’s Small Business 220 series smart switches. The networking giant this week informed customers about the availability of patches for these flaws.
Hackers Are Selling Data Stolen From Audi and Volkswagen (VICE, Jun 17 2021)
Hackers claim they found the data of millions of Audi customers on an unsecured server hosted on Microsoft Azure’s cloud.
A New Tool Wants to Save Open Source from Supply Chain Hacks (Wired, Jun 18 2021)
Sigstore will make code signing free and easy for software developers, providing an important first line of defense.