Tag Archive for: week

Week in review: Patch Tuesday forecast, 9 free ransomware guides, Cybertech Europe 2023


Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Photos: Cybertech Europe 2023
The Cybertech Europe conference and exhibition takes place at La Nuvola Convention Center in Rome, and features the latest innovative solutions from dozens of companies and speakers, including senior government officials, C-level executives, and industry trailblazers from Europe and around the world.

Cybertech Europe 2023 video walkthrough
In this Help Net Security video, we take you inside Cybertech Europe 2023 at La Nuvola Convention Center in Rome.

Securing GitHub Actions for a safer DevOps pipeline
In this Help Net Security interview, Varun Sharma, CEO at StepSecurity, talks about misconceptions about the security of GitHub Actions, the potential risks of using third-party actions, recommended best practices for using GitHub Actions securely, and more.

CISO’s compass: Mastering tech, inspiring teams, and confronting risk
In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face.

Tackling cyber risks head-on using security questionnaires
In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data.

Chalk: Open-source software security and infrastructure visibility tool
Chalk is a free, open-source tool that helps improve software security.

Critical zero-days in Exim revealed, only 3 have been fixed
Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday.

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches.

Amazon: AWS root accounts must have MFA enabled
Amazon wants to make…

Source…

Week in review: 17 free AWS cybersecurity courses, exploited Chrome zero-day


Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

The blueprint for a highly effective EASM solution
In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management (EASM) solutions, the essential capabilities an EASM solution should possess, and how it deals with uncovering hidden systems.

How should SMBs navigate the phishing minefield?
In this Help Net Security interview, Pete Hoff, CISO at Wursta, offers advice to SMB security leaders and professionals on how to minimize the threat phishing presents to their organization’s operations and long-term success.

Requests via Facebook Messenger lead to hijacked business accounts
Hijackers of Facebook business accounts are relying on fake business inquiries and threats of page/account suspension to trick targets into downloading password-stealing malware.

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802).

Microsoft Teams phishing: Enterprises targeted by ransomware access broker
A threat actor known for providing ransomware gangs with initial access to enterprise systems has been phishing employees via Microsoft Teams.

Attackers use fallback ransomware if LockBit gets blocked
Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates are using the 3AM ransomware as a fallback option in case LockBit gets flagged and blocked.

Attackers hit software firm Retool to get to crypto companies and assets
Retool, the company behind the popular development platform for building internal business software, has suffered a breach that allowed attackers to access and take over accounts of 27 cloud customers, all in the crypto industry.

Microsoft Teams users targeted in phishing attack delivering DarkGate…

Source…

Week 36 in review: Oppo A38 announced, Moto G54 goes official, more iPhone 15 rumors


The first week of September brought more to the rumor mill for the usual suspects. The iPhone 15 series will offer camera upgrades across the board with the 15 and 15 Plus getting all-new 48MP Sony sensors with a stacked design and an f/1.6 aperture. The second shooter on the back will be the same old 12MP, f/2.4 ultrawide. We prepared a more detailed what to expect article which you can check out here.

The 15 Pro will retain the 48MP main shooter from its predecessor but it’s rumored to be joined by an improved 13MP f/2.4 ultrawide lens. The 15 Pro Max will get the biggest update with a new 12.7MP periscope lens (1/1.9″ sensor; f/2.8 aperture) with 5x optical zoom. We also got to see dummy units for all four of the iPhone 15 series devices confirming Dynamic Islands on the non-Pros and the new Action Buttons on the Pro models.

Google showcased the Pixel 8 Pro in full glory on its own website in detailed render form. The flagship Pixel will be available in Licorice, Porcelain and Sky colors and we got more confirmation of the previously leaked design. Google is also rumored to release Android 14 at the Pixel 8 launch event on October 4.

Samsung announced Thom Browne Editions of its Galaxy Z Fold5 and Watch6. The Samsung Galaxy S24 is rumored to get a titanium frame, upgraded 200MP main and 50MP telephoto cameras and a Snapdragon 8 Gen 3 chip.

Oppo launched its A38 midranger with a Helio G85 chipset, 50MP main cam, 90Hz IPS LCD and a 5,000 mAh battery with 33W fast charging. The device comes in Black and Gold colors but we still don’t have any pricing and availability details.

Motorola launched the G54 with two version – one for China and a slightly different model for India. Both Motos feature 6.5” IPS LCDs (120Hz), MediaTek’s Dimensity 7020 chipset and 50MP main cams. The Indian model brings a larger 6,000 mAh battery with 33W charging while the Chinese version relies on a 5,000 mAh cell with 15W charging.

Xiaomi will launch its 13T lineup on September 26 and we got confirmation both the 13T and 13T Pro will receive 4 Android updates and 5 years of security patches. Motorola will announce its Edge 40 Neo on September 14.

Here are all the…

Source…

Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released


Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote workforces, the negative consequences of ineffective authorization, and how the shift toward cloud transformation affects authentication strategies.

What makes a good ASM solution stand out
In this Help Net Security interview, Patrice Auffret, CTO at Onyphe, explains how the traditional perimeter-based security view is becoming obsolete.

What does optimal software security analysis look like?
In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security.

PoC for no-auth RCE on Juniper firewalls released
Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit.

Easy-to-exploit Skype vulnerability reveals users’ IP address
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret.

Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world.

The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software.

Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching…

Source…