Security News > 2022 > April

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the environment in less than 72 hours from the initial compromise," Varonis security researcher, Nadav Ovadia, said in a post-mortem analysis of the incident.

In this video for Help Net Security, Donald Fischer, CEO at Tidelift, talks about the state of open-source software supply chain security in 2022. Open source is the modern application development platform and is becoming an indispensable part of the software development process for organizations of all sizes.

In this video for Help Net Security, Yotam Perkal, VP of Research at Rezilion, talks about the most critical vulnerabilities published during Q1 2022, and the relevant remediation and mitigation steps you need to take. The first quarter of 2022 was packed with new vulnerabilities, and some are still impacting organizations worldwide.

There's just one problem: most fraud prevention companies aren't heeding the signals and drinking the DevOps deployment Kool-Aid. Let's look at how other fraud prevention companies can benefit from this approach-and what it will take for fellow fraud-stoppers to embrace the DevOps deployment model.

The report revealed how quickly cybercriminals capitalize on new security weaknesses - shrinking the window that organizations have to remediate vulnerabilities ahead of an attack. With 20,175 new vulnerabilities published in 2021, Skybox Research Lab witnessed the most vulnerabilities ever reported in a single year.

VMware released a report which takes the pulse of the financial industry's top CISOs and security leaders on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector. The report found that financial institutions are facing increased destructive attacks and falling victim to ransomware more than in years' past, as sophisticated cybercrime cartels evolve beyond wire transfer fraud to now target market strategies, take over brokerage accounts and island hop into banks.

The National Association of Corporate Directors, SecurityScorecard and the Cyber Threat Alliance released a report that examines the U.S. Securities and Exchange Commission's recently proposed rules and amendments on cybersecurity reporting requirements for public companies. The report concludes that the proposed rules, if enacted as currently drafted, would strengthen the ability of public companies, funds and advisors to combat cybersecurity threats and implement risk mitigation processes.

The Five Eyes nations' cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia's invasion of Ukraine. "Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against US critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups," CISA Director Jen Easterly said in a statement.

Ninety-eight percent of BYOD companies say they compensate employees for the use of their personal mobile devices, with the average stipend now reaching $40.20 per month. Companies opting for a BYOD approach report spending $893 per employee annually, when combining stipends, in-house and outsourced management, and MDM software.

Amazon Web Services has updated its Log4j security patches after it was discovered the original fixes made customer deployments vulnerable to container escape and privilege escalation. The vulnerabilities introduced by Amazon's Log4j hotpatch - CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071 - are all high-severity bugs rated 8.8 out of 10 on the CVSS. AWS customers using Java software in their off-prem environments should grab the latest patch set from Amazon and install.