Security News > 2022 > July

The team behind LibreOffice has released security updates to fix three security flaws in the productivity software, one of which could be exploited to achieve arbitrary code execution on affected systems. Tracked as CVE-2022-26305, the issue has been described as a case of improper certificate validation when checking whether a macro is signed by a trusted author, leading to the execution of rogue code packaged within the macros.

The legacy approach to attack surface management falls short of what modern organizations require: contextual awareness. Security teams increasingly suffer from threat intelligence sensory overload while still unable to achieve the visibility they need to protect the organization, its infrastructure, and mission critical digital assets.

A worrying 73.48% of organizations feel they have wasted the majority of their cybersecurity budget on failing to remediate threats, despite having an over-abundance of security tools at their disposal, according to Gurucul. Only 25% of organizations consider their biggest threat to be from inside the business, despite insider threats increasing by 47% over the past two years.

Identity security is a priority, yet board buy-in is critical. 90% of respondents state that their organizations fully recognize the importance of identity security in enabling them to achieve their business goals, and 87% say that it is one of the most important security priorities for the next 12 months.

What's more, only 39% of employees say they're very likely to report a security incident, making investigation and remediation even more challenging and time-consuming for security teams. Virtually all IT and security leaders agreed that a strong security culture is important in maintaining a strong security posture.

A US managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, Sharepoint, and CRM services. According to an email sent to MyAppsAnywhere customers shared on Reddit, the company detected signs of a cyberattack on Tuesday morning and quickly shut down cloud services to prevent the attack's spread. "As of approximately 11:30 AM CDT July 26, NetStandard identified signs of a cybersecurity attack within the MyAppsAnywhere environment. Our team of engineers has been engaged on an active incident bridge ever since working to isolate the threat and minimize impact."

FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices. Industrial control system security firm Claroty discovered the two bugs, tracked as CVE-2022-34907 and CVE-2022-34906, and says they exposed organizations across sectors - from large corporations to schools and government agencies and even small businesses - to risks including ransomware infections, sensitive data theft, and even remote device control.

During an open House Intelligence Committee hearing on Wednesday, US lawmakers heard testimony from Citizen Lab senior researcher John Scott-Railton; Shane Huntley, who leads Google's Threat Analysis Group; and Carine Kanimba, whose father was the inspiration for Hotel Rwanda and who was, herself, targeted by Pegasus spyware. Earlier this year, European lawmakers opened an inquiry into spyware in general, and Pegasus more specifically, after the malware was reportedly found on cellphones associated with the UK and Spanish prime ministers, Spain's defense minister, and dozens of Catalan politicians and members of civil society groups.

Samba is a widely-used open source toolkit that not only makes it easy for Linux and Unix computers to talk to Windows networks, but also lets you host a Windows-style Active Directory domain without Windows servers at all. Anyone with a long enough memory will recall, probably without a tremendous amount of affection, hooking up OS/2 computers to share files using SMB over NetBIOS. Samba started life in the early 1990s thanks to the hard work of Australian open source pioneer Andrew Tridgell, who figured out from first principles how SMB worked so that he could implement a compatible version for Unix while he was busy with his PhD at the Australian National University.

The US is offering up to $10 million for information on members of state-sponsored North Korean threat groups, double the amount that the State Department announced in April. The agency's Rewards for Justice program this week said it will cough up the cash for intelligence related to "Government-linked cyber activities" in North Korea, including leads on people involved with such state-sponsored groups like Andariel, APT38, BlueNoroff, Guardians of Peace, Kimsuky, and Lazarus Group who are targeting critical infrastructure in the US. The latest notice is part of a larger ongoing campaign by the State Department and other US government agencies of offering bounties for information regarding cyberattacks from North Korea or other countries against the United States, particularly involving such sectors as critical infrastructure - such as power grids and water and food supplies - as well as federal elections.