CyberSecurity Updates

15 Feb

Microsoft Patch Tuesday Addresses Multiple Zero Days

Attacks, Malware

Due to the risks involved with these vulnerabilities, these updates should be tested and pushed to production environments as soon as policies allow. These attacks require initial access to be effective, and phishing emails are the most prominent method of gaining that first foothold. Ensuring that users know the risks of phishing emails and how to detect them can help protect an organization. Remote Code Execution and Privilege Escalation vulnerabilities are inevitable with the increasing…

Read More
15 Feb

PE Firm Francisco Partners to Take Sumo Logic Private in $1.7B Deal

Information, News

Cloud monitoring, log management and SIEM solutions provider Sumo Logic is set to become a private company after it has entered into a definitive agreement to be acquired by affiliates of private equity firm Francisco Partners for $1.7 billion. Francisco Partners is prepared to pay $12.05 per share in cash. The law firm Kahn Swick & Foti has announced that it’s investigating the deal to determine if the price is adequate. Sumo Logic offers cloud-native…

Read More
15 Feb

Microsoft: Exchange Server 2013 Reaches End of Support in April

Attacks, Malware

It is recommended to upgrade any instances of Exchange 2013 to a newer version of Exchange as soon as possible. Exchange 2013 servers can also be migrated to Microsoft’s hosted Exchange Online email and calendaring solution, available as an Office 365 subscription or as a stand-alone service. Once mailboxes, public folders, and other data are migrated, admins can remove on-premises Exchange servers and Active Directory. Microsoft recently urged customers to keep their on-premises Exchange servers…

Read More
15 Feb

China-based cyberespionage actor seen targeting South America

Data Breaches, Malware, Social Engineering

China-based cyberespionage actor DEV-0147 has been observed compromising diplomatic targets in South America, according to Microsoft’s Security Intelligence team.  The initiative is “a notable expansion of the group’s data exfiltration operations that traditionally targeted gov’t agencies and think tanks in Asia and Europe,” the team tweeted on Monday.  DEV-0147’s attacks in South America included post-exploitation activity involving the abuse of on-premises identity infrastructure for reconnaissance and lateral movement, and the use of Cobalt Strike — a penetration…

Read More
15 Feb

Cybersecurity startup Oligo debuts with new application security tech

Data Breaches, Malware, Social Engineering

Israel-based startup Oligo Security is exiting stealth mode with the public launch of its namesake software, offering a new wrinkle in library-based application security monitoring, observability, and remediation. Utilizing a technology called extended Berkeley Packet Filter (eBPF), it is able to provide agentless security coverage for open source code. Given the prevalence of open source code in modern software — Oligo contends that it accounts for something like 80% or 90% — there is a…

Read More
15 Feb

5 biggest risks of using third-party services providers

Data Breaches, Malware, Social Engineering

As business processes become more complex, companies are turning to third parties to boost their ability to provide critical services from cloud storage to data management to security. It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you. The use of third-party services can also come with significant—often unforeseen—risks. Third parties can be a gateway…

Read More
15 Feb

Descope launches authentication and user management SaaS

Data Breaches, Malware, Social Engineering

Descope has launched its first product, a platform designed to help developers add authentication and user management capabilities to their business-to-consumer and business-to-business applications. The software as a service is available now. Developers can access the product free of charge for up to 7,500 monthly active uses for B2C applications and up to 50 tenants for B2B apps. Beyond these there is a US$0.10 per user and US$20 per tenant. The Descope platform aims to…

Read More
15 Feb

Defending against attacks on Azure AD: Goodbye firewall, hello identity protection

Data Breaches, Malware, Social Engineering

Not too long ago, guarding access to the network was the focal point of defense for security teams. Powerful firewalls ensured that attackers were blocked on the outside while on the inside things might get “squishy,” allowing users fairly free rein within. Those firewalls were the ultimate defense—no one undesirable got access. Until they did. With the advent of cloud computing, the edge of a network is no longer protected by a firewall. In fact,…

Read More
14 Feb

Confident cybersecurity means fewer headaches for SMBs

Information

Small and medium-sized businesses have good reason to be concerned about the loss of data and financial impacts While tech advancements have enabled small and medium businesses (SMBs) to grow their business and allowed them to evolve their operational models, cybersecurity risks and threats can cancel any progress that has been made so far. Underlying these is another serious obstacle: SMBs lacking confidence in managing cybersecurity. The lack of confidence manifests as a strong belief…

Read More
14 Feb

Apple fixes zero-day spyware implant bug – patch now!

Information

by Paul Ducklin Apple has just released updates for all supported Macs, and for any mobile devices running the very latest versions of their respective operating systems. In version number terms: iPhones and iPads on version 16 go to iOS 16.3.1 and iPadOS 16.3.1 respectively (see HT213635). Apple Watches on version 9 go to watchOS 9.3.1 (no bulletin). Macs running Ventura (version 13) go to macOS 13.2.1 (see HT213633). Macs running Big Sur (version 11)…

Read More