Social Engineering

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are met with another threat: ProxyNotShell, which in fact is a vulnerability chain comprising two actively exploited flaws: CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability that an authenticated attacker can exploit for privilege escalation. This vulnerability occurs because the root cause of ProxyShell’s path confusion flaw remains,…

Read More

Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. The driver certificates have been revoked and the drivers will be added to a blocklist that Windows users can optionally deploy. “In most ransomware incidents, attackers kill the target’s security software in an essential precursor step before deploying the ransomware itself,” researchers from security firm Sophos said in a new…

Read More

Lacework on Wednesday released new cloud security posture management (CSPM) capabilities, designed to help organizations create custom policies for AWS, Google Cloud, and Azure to secure their cloud infrastructure.  The new CSPM solution offers three key enhancements. First, it allows organizations to customize policies and ensure configurations align with an organization’s specific needs. Second, it helps organizations build custom cross-account reports to measure hygiene. Finally, the new CSPM will now be compliant with the latest…

Read More

Cloud security vendor Wiz has announced PEACH, a tenant isolation framework for cloud applications designed to evaluate security posture and outline areas of improvement. The firm stated that the framework has been developed on the back of its cloud vulnerability research to tackle security challenges impacting tenant isolation. Security boundaries, incohesion, transparency impacting tenant isolation in cloud applications In a blog post, Wiz wrote that there have been several cross-tenant vulnerabilities in various multi-tenant cloud…

Read More

A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption. “The Royal ransomware group emerged in early 2022 and has gained momentum since the middle of the year,” researchers from security firm Cybereason said in a new report. “Its ransomware, which the group deploys through different…

Read More

In a world before smartphones, social media, and hybrid workplaces, an acceptable use policy was a lot easier to write—and to enforce. These days, it’s a lot more complicated. Work can take place almost anywhere, on any number of devices. An employee can accept a job and then never physically set foot in the office, working from home (or the Caribbean) on their personal laptop. That’s why an acceptable use policy, or AUP, is more…

Read More

When a company engages in business with a government, especially with the defense sector of that government, one should expect that security surrounding the engagement would be a serious endeavor. A recent report offered up by CyberSheath throws cold water on that assumption—indeed, DEFENSELESS – A statistical report on the state of cybersecurity maturity across the defense industrial base (DIB) should embarrass the sector and begs the question: why are some companies still allowed to…

Read More

Firewall and security software vendor Palo Alto Network’s annual Ignite conference kicked off Tuesday, highlighted by several product announcements, which were unveiled alongside the company’s latest threat report. Palo Alto’s “What’s Next in Cyber” report named ransomware and business email compromise as the most common attacks faced by businesses worldwide, with supply chain threats, malicious insiders and DDoS attacks rounding out the top five. Over the course of the past year, 96% of respondents to…

Read More

The European Commission announced Tuesday that is has officially begun the process of approving the EU-US Data Privacy Framework—hammered together to allow the flow of data between the US and the European Union—after concluding that the framework provides privacy safeguards comparable to those of the EU. After President Biden signed the executive order that implemented rules for the Trans-Atlantic Data Policy Framework in the US in October, the Commission conducted an assessment into the US legal…

Read More

The Payment Card Industry Security Standards Council (PCI SSC) has published version 1.2 of the PCI Secure Software Standard and its supporting program documentation. One of two standards that make up the PCI Software Security Framework (SSF), the PCI Secure Software Standard sets out requirements to help ensure that payment software is designed, developed, and maintained in a manner that protects transactions and data, minimizes vulnerabilities, and defends against attacks. The latest version introduces minor…

Read More