Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11
2022-07-26 11:50

Microsoft is now taking steps to prevent Remote Desktop Protocol brute-force attacks as part of the latest builds for the Windows 11 operating system in an attempt to raise the security baseline to meet the evolving threat landscape. "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute-force password vectors," David Weston, Microsoft's vice president for OS security and enterprise, said in a series of tweets last week.

Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores
2022-07-26 11:50

Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to swipe sensitive information. "Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites," the company noted in an advisory published on July 22.

LockBit claims ransomware attack on Italian tax agency
2022-07-26 11:17

Italian authorities are investigating claims made by the LockBit ransomware gang that they breached the network of the Italian Internal Revenue Service. LockBit claims they stole 100 GB of data that will be leaked online if the Italian tax agency doesn't meet the ransom demand by August 1st. The Italian revenue agency shared an official statement on its website regarding "The alleged theft of data from the tax information system," saying that it requested more info from Sogei SpA, a Ministry of Economy and Finance public company that manages the financial administration's technological infrastructure.

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers
2022-07-26 10:12

FileWave's mobile device management system has been found vulnerable to two critical security flaws that could be leveraged to carry out remote attacks and seize control of a fleet of devices connected to it. "The vulnerabilities are remotely exploitable and enable an attacker to bypass authentication mechanisms and gain full control over the MDM platform and its managed devices," Claroty security researcher Noam Moshe said in a Monday report.

LinkedIn phishing target employees managing Facebook Ad Accounts
2022-07-26 10:00

A new phishing campaign codenamed 'Ducktail' is underway, targeting professionals on LinkedIn to take over Facebook business accounts that manage advertising for the company. The threat actor reaches out to employees on LinkedIn who could have Facebook business account access, for example, people listed as working in "Digital media" and "Digital marketing" as their roles.

Inadequate password and authentication requirements found in popular business web apps
2022-07-26 08:00

Specops Software released new research finding cybersecurity weaknesses in business web apps including Shopify, Zendesk, Trello, and Stack Overflow. This Help Net Security video reveals how popular business web applications failed to implement critical password and authentication requirements to protect customers.

LockBit ransomware gang claims it ransacked Italy’s tax agency
2022-07-26 07:30

The LockBit ransomware crew is claiming to have stolen 78GB of data from Italy's tax agency and is threatening to leak it if a ransom isn't paid by July 31. If information was stolen, the tax agency would only be the latest in an expanding list of victims of LockBit.

The infosec investment landscape: Which tech gets the most bucks?
2022-07-26 05:00

How many cybersecurity vendors are active at the moment? What are they offering? How is their business doing? These are just some of the questions that Richard Stiennon, Chief Research Analyst at IT-Harvest, is trying to answer on a daily basis. The former Gartner Research VP and industry executive is one of the industry's most prominent analysts and creator of the Analyst Dashboard, a web app that reveals data on 2,850 cybersecurity vendors.

Major shifts and the growing risk of identity fraud
2022-07-26 04:30

Traditional identity fraud losses, caused by criminals illegally using victims' information to steal money, exploded in 2021 to $24 billion - an alarming 79% increase over 2020, according to Javelin Strategy & Research. The number of adults in the United States impacted by traditional identity fraud grew more than 50%, reaching more than 15 million victims, a Javelin identity fraud study reveals.

Benefits of modern PAM: Efficiency, security, compliance
2022-07-26 04:00

Such traditional solutions cannot support large-scale cloud transformation initiatives requiring a modern PAM approach with automated and context-aware access controls. "You invest in modern infrastructure and application development tools. Shouldn't you invest in a modern PAM solution designed for the cloud or hybrid environment to protect it?"