
How to spot deep-faked candidates during interviews
2022-08-03 03:30

The FBI recently issued a warning that malicious attackers are using deepfakes to apply for a variety of remote work positions via virtual interviews over the internet. These positions include IT, database, and developer positions with access to customer details, financial data, and proprietary information - making organizations incredibly vulnerable to a brand-new attack method should deep-faked candidates get hired.

87% of the ransomware found on the dark web has been delivered via malicious macros
2022-08-03 03:00

Venafi announced the findings of a dark web investigation into ransomware spread via malicious macros. 87% of the ransomware found on the dark web has been delivered via malicious macros to infect targeted systems.

Nancy Pelosi ties Chinese cyber-attacks to need for Taiwan visit
2022-08-03 02:58

Speaker of the US House of Representatives Nancy Pelosi has tied her controversial visit to Taiwan to an alleged barrage of China-directed cyber-attacks against the territory. The column details many Chinese acts that Pelosi alleges Taiwan has had to defend - including some in cyberspace, where she accused China of "launching scores of attacks on Taiwan government agencies each day."

eBook: Privileged Access Management for Dummies
2022-08-03 02:45

With so many recent high-profile breaches accomplished through the compromise of passwords on privileged accounts, it's time all cybersecurity stakeholders got educated. Where do privileged accounts reside throughout the IT environment?

VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws
2022-08-03 00:26

VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products. The critical vulnerability is similar to, or perhaps even a variant or patch bypass of, an earlier critical authentication bypass vulnerability that also rated 9.8 in severity and that VMware fixed back in May. Shortly after that update was issued, CISA demanded US government agencies pull the plug on affected VMware products if patches can't be applied.

Microsoft 365 Backup: Myth‑Busting Session
2022-08-03 00:00

The state of the Microsoft 365 data protection market. Why it is an imperative to protect Microsoft 365 data.

How a crypto bridge bug led to a $200m 'decentralized crowd looting'
2022-08-02 23:34

Cryptocurrency bridge service Nomad, which describes itself as "an optimistic interoperability protocol that enables secure cross-chain communication," has been drained of tokens notionally worth $190.7 million if exchanged for US dollars. Nomad allows cryptocurrency holders to trade their tokens across different blockchains, the distributed public ledgers used to track crypto assets.

Universities Put Email Users at Cyber Risk
2022-08-02 23:02

Top U.S. universities are among the worst in the world at protecting users from email fraud, lacking security measures to prevent common threat tactics such as domain spoofing or other types of fraudulent emails, researchers have found. The news is troubling, especially as email remains the most common vector for security compromises across all industries, observed Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint, in a statement.

Black Kite: Cost of data breach averages $15 million
2022-08-02 22:30

Based on a review of 2,400 cyber incidents between 2017 and 2022 at 1,700 companies, cyber risk monitoring firm Black Kite concluded the average cost, excluding outliers, of a data breach today is $15 million.

Chinese hackers use new Cobalt Strike-like attack framework
2022-08-02 20:01

Researchers have observed a new post-exploitation attack framework used in the wild, named Manjusaka, which can be deployed as an alternative to the widely abused Cobalt Strike toolset or parallel to it for redundancy. Its RAT implants support command execution, file access, network reconnaissance, and more, so hackers can use it for the same operational goals as Cobalt Strike.