When security and resiliency converge: A CSO’s perspective on how security organizations can thrive

The Security Magazine published an article by John Scimone on perspectives for security organizations. 

You’ve just been hired to lead the security program of a prominent multinational organization. You’re provided a seasoned team and budget, but you can’t help looking around and asking yourself, “How will I possibly protect every asset of this company, every day, against every threat, globally?” After all, this is the expectation of most organizations, their customers and shareholders, as well as regulators and lawmakers. In my experience, one of the top challenges security leaders face is trying to optimize a modest security budget to protect a highly complex and ever-expanding organizational attack surface. In fact, Accenture found that 69% of security professionals say staying ahead of attackers is a constant battle and the cost is unsustainable. For most, this challenge is extremely discouraging. However, success is not necessarily promised to those with resources – it’s more about how resourceful you can be.

Read further on the Security Magazine

Security ratings could raise the bar on cyber hygiene, but won’t stop the next SolarWinds

SC Media discusses the plans to introduce ratings for security products.

Plans from the Biden administration to release a product security rating system could raise the bar for security overall, say experts, but won’t likely prevent the next SolarWinds or Microsoft hacks.

In a briefing to reporters Friday, a senior official compared the forthcoming rating system to the health and safety letter grades at restaurants. And it is a concept that the cybersecurity community has batted around for some time: place a label on the box that says a product is or is not secure, and let consumers create a market around security.

Read further on SC Media

Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords

The Threat Post published a report on a phishing attack targeting Microsoft users that leverages a bogus Google reCAPTCHA system.

Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies.

According to researchers, at least 2,500 such emails have been unsuccessfully sent to senior-level employees in the banking and IT sector, over the past three months. The emails first take recipients to a fake Google reCAPTCHA system page. Google reCAPTCHA is a service that helps protect websites from spam and abuse, by using a Turing test to tell humans and bots apart (through asking a user to click on a fire hydrant out of a series of images, for instance).

Read further on The Threat Post

Google: Bad bots are on the attack, and your defence plan is probably wrong

Report by ZDNet on Google's recommendations concerning modern bot attacks.

At the outset of the COVID-19 pandemic Microsoft chief Satya Nadella said Microsoft had seen "two years' worth of digital transformation in two months." Google now sees that attackers have adapted to these changed conditions and are boosting attacks on newly online businesses, with bots high on the list of tools used.

Read further on ZDNet

Criminals leveraging shift to remote work to develop targeted attacks

Helpnetsecurity.com reported on the recent shift of cybercrime focus to remote workers.

Malwarebytes announced the findings of its report which explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes.

In the wake of this change, cybercriminals ditched many of their old tactics, placing a new emphasis on gathering intelligence, and exploiting and preying upon fears with targeted and sophisticated attacks. As a result, the report found a notable shift in the devices targeted and strategies deployed by cybercriminals.

Read further on helpnetsecurity.com

Unpatched Android App with 1 Billion Downloads Threatens Spying, Malware

The Threat Post reported on a vulnerability threatening the billion users of the unpatched application.

An Android app that’s been downloaded more than 1 billion times is riddled with flaws that can let attackers hijack app features or overwrite existing files to execute malicious code, or launch man-in-the-disk (MiTD) attacks on people’s devices, researchers discovered.

The flaws exist in an app called SHAREit, which allows Android app users to share files between friends or devices. They were identified and reported to the app maker three months ago by researchers at Trend Micro. However, the flaws remain unpatched, according to a report posted online Monday. Softonic, a company based in Barcelona, Spain, is the app’s developer and distributor.

Read further on The Threat Post

In the shadow of SolarWinds: Personal reflections

The Security Magazine published an expert's opinion on the SolarWinds situation.

As I traversed the globe for four years as the Cylance Ambassador-at-Large and would share with audiences and customers the prowess that AI-powered machine learning was bringing to the battlespace, I was frequently asked what we could anticipate in the way of a reaction from our adversaries. In the shadow of the SolarWinds compromise, my thoughts reverted to those questions. My response at the time was that we should definitely anticipate a retaliation, pivot or adjustment. There was too much at stake, financially and otherwise, for them not to respond.

Read further on the Security Magazine

Cisco DNA Center Bug Opens Enterprises to Remote Attack

The ThreatPost published a news item on a Cisco DNA bug.

A cross-site request forgery (CSRF) vulnerability in the Cisco Digital Network Architecture (DNA) Center could open enterprise users to remote attack and takeover.

The flaw, tracked as CVE-2021-1257, exists in the web-based management interface of the Cisco DNA Center, which is a centralized network-management and orchestration platform for Cisco DNA. It carries a CVSS vulnerability-severity score of 7.1, making it high-severity.

Read further on the ThreatPost

Cybercriminals Resort to Shady Ad Practices that Rip Off Users

The Hacker News published a report on the use of malicious ad practices on mobile devices.

Shady ad practices have become a significant source of threats for many mobile devices. Apart from being used as a channel to distribute malware, the attack vector is seeing a potential role in technical support scams using browser locking web pages, and for the propagation of fleeceware apps.

Read further


Switching to Signal? Turn on these settings now for greater privacy and security

In view of the great migration to Signal, ZDNet gives some valuable advice on how to improve its privacy.

Many people are making the switch from WhatsApp to Signal. Many are switching because of the increased privacy and security that Signal offers.

But with a few simple tweaks, did you know that you can make Signal even more secure?

There are a few settings I suggest you enable. There are some cosmetic differences between the iOS and Android versions of Signal, but these tips apply to both platforms.

Read further on ZDNet