Here's a summary of the most interesting news, articles, interviews and videos from the past week.
Palo Alto Networks firewalls are under attack and a hotfix has arrived! (CVE-2024-3400)
Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks firewalls, the company warned. It provided temporary mitigations to customers and asked them to get in touch to confirm whether their devices have been compromised.
Strategies for secure identity management in hybrid environments
In this Help Net Security interview, Charlotte Wylie, SVP and Acting CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments.
Strengthen compliance and governance with AI
In this Help Net Security interview, IBRS Advisor Dr. Joseph Sweeney discusses the risks of integrating AI into information management systems.
Strategies to foster collaboration between NetOps and SecOps
In this Help Net Security interview, Netscout CISO Debby Briggs talks about breaking down the silos between NetOps and SecOps. Practical steps include scheduling strategy meetings, understanding communication preferences, and fostering team collaboration.
Current Cybersecurity Jobs: April 10, 2024
We research the market and bring you a selection of roles across a range of skill levels in the cybersecurity field. Check out our weekly list of cybersecurity jobs available now.
EJBCA: Open Source Public Key Infrastructure (PKI), Certificate Authority (CA)
EJBCA is open source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI.
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)
This April 2024 Patch Tuesday, Microsoft fixed a record 147 vulnerabilities with CVE numbers. Among them was CVE-2024-29988, which Microsoft did not mark as exploited, but which Peter Girnus, a senior threat researcher at Trend Micro's Zero Day Initiative (ZDI), found being exploited by attackers.
Graylog: Open source log management
Graylog is an open source solution with centralized log management capabilities. It allows teams to collect, store, and analyze data to answer questions about security, applications, and IT infrastructure.
WiCyS: Championing a more diverse cybersecurity workforce
In this Help Net Security interview, Lynn Dohm, executive director of Women in CyberSecurity (WiCyS), talks about how her organization supports its members across various stages of their cybersecurity journey.
WEF Cybercrime Atlas: Researchers are creating new insights to fight cybercrime
In early 2023, the World Economic Forum (WEF) launched the Cybercrime Atlas, which aims to map the cybercrime ecosystem by fostering collaboration between private and public organizations.
Over 92,000 internet-connected D-Link NAS devices can be accessed via “backdoor” accounts (CVE-2024-3273)
Threat researchers have discovered that a vulnerability (CVE-2024-3273) in four older D-Link NAS models can be exploited to compromise internet-connected devices.
XZ Utils Backdoor: Detection Tools, Scripts, and Rules
As analysis of the XZ Utils backdoor continues, several security companies are providing tools and advice on how to detect the presence of a backdoor on Linux systems.
New Latrodectus loader steps into Qbot
A new (down)loader malware called Latrodectus is being used by initial access brokers and may have been created by the same developer who created the IcedID loader.
New feature in Google Workspace prevents sensitive security changes without approval from two administrators
Google announced that it is rolling out multi-party authorization for Google Workspace customers with multiple super administrator accounts.
LG smart TV can be hijacked by remote attackers
Bitdefender researchers discovered four vulnerabilities in webOS, the operating system that runs on LG smart TVs, that could allow an attacker to gain unrestricted (root) access to the device.
IT professionals targeted with malicious Google ads for PuTTY, FileZilla
The ongoing malvertising campaign targets IT administrators who are trying to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free cross-platform FTP application).
New covert SharePoint data exfiltration techniques revealed
Researchers at Varonis Threat Labs have discovered two techniques that attackers can use to exfiltrate sensitive data and files from corporate SharePoint servers.
Ransomware group maturity should influence ransom payment decisions
Your organization has fallen victim to ransomware and must decide whether to pay the ransom to have your data decrypted, removed from the attacker's servers, and prevented from leaking online.
CISA warns about Sisense data breach
Business intelligence/data analytics software vendor Sisense suffered an apparent data breach, prompting the company and the U.S. Cybersecurity and Infrastructure Security Agency to urge customers to reset any credentials and secrets that may have been exposed to, or used to access, Sisense services.
How can the energy sector strengthen its resilience against ransomware attacks?
Because the energy sector plays a critical role in any functioning society, it has always been a prime target for state-sponsored cybercriminals.
How malicious email activity continues to slip through the cracks
In this Help Net Security video, Josh Bartolomie, Vice President of Global Threat Services at Cofense, explains how email will continue to be a target as long as it remains the primary form of communication within the enterprise.
April 2024 Patch Tuesday predictions: Microsoft new and old
This month, Microsoft is offering previews of new products and preparing some older products for end of support. But before that, Patch Tuesday for March 2024 was pretty quiet, with 60 unique vulnerabilities resolved.
Defining a comprehensive GRC strategy
In this Help Net Security video, Nicholas Kathmann, CISO at LogicGate, explains why enterprises are turning to a comprehensive GRC strategy.
How exposure management increases cyber resilience
Attackers have become adept at identifying and exploiting the most cost-effective methods of compromise, making it critical for organizations to implement asset identification and understand the security posture across their assets.
AI risks are now more visible than ever under the auditor’s lens
In this Help Net Security video, Gartner Research Specialist Thomas Teravainen explains how AI-related risks will significantly increase the scope of audit plans in 2024.
Why are so many companies turning to third-party security partners?
In 2023, 71% of organizations across industries reported that their business is feeling the impact of a continuing cybersecurity skills shortage.
Manage your AppSec posture to prevent security breaches
In this Help Net Security video, Gopi Rebala, CTO of OpsMx, explains how managing the security posture of your applications helps businesses identify, prioritize and remediate vulnerabilities, prevent security breaches, improve implementation, and enforce policies that block vulnerable deployments into production environments.
How Google's 90-day TLS certificate expiration proposal will impact businesses
Google's proposal announced last year to reduce the validity period of TLS (Transport Layer Security) certificates from 13 months to 90 days may be implemented in the near future. This definitely improves security and reduces the opportunity for malicious parties to misuse compromised or stolen certificates and private keys.
The next wave of mobile threats
In this Help Net Security video, Michael Covington, VP of Portfolio Strategy at Jamf, discusses planning your mobile security strategy.
New Information Security Products of the Week: April 12, 2024
Here are the most interesting products of the past week, featuring releases from Akamai, Bitdefender, Siemens, Veriato, and Index Engines.