Security News > 2022 > September

Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. "At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users' systems."

Microsoft has claimed a North Korean crew poses as LinkedIn recruiters to distribute poisoned versions of open source software packages. Dubbed "ZINC", the threat actors have previously run long-term phishing schemes targeting media, defence and aerospace, and IT services organizations in the US, UK, India, and Russia.

Cloud security became much more complicated as COVID-19 hit and remote/hybrid workforces emerged. Organizations are struggling to sufficiently secure new cloud environments implemented during the pandemic while maintaining legacy equipment and trying to adapt their overall security strategy to the evolving landscape.

Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. "We detected webshells, mostly obfuscated, being dropped to Exchange servers," the company noted.

Infosec teams require nimble security tools to operate in realistic conditions, which may involve thousands of simultaneous events. In this Help Net Security video, Leonid Belkind, CTO at Torq, discusses parallel execution, which enables security operations professionals to execute more tasks simultaneously to enrich, analyze, contain, and resolve security threats.

Fortifying cybersecurity defenses remains a work in progress for many organizations, who acknowledge their shortcomings but have yet to commit the necessary resources to the effort, according to new research from CompTIA. While a majority of respondents in each of seven geographic regions feels that their company's cybersecurity is satisfactory, CompTIA's "State of Cybersecurity" shows that a much smaller number rank the situation as "Completely satisfactory." Nearly everyone feels that there is room for improvement. "Companies are aware of the threats they face and the potential consequences of an attack or breach," said Seth Robinson, VP of industry research, CompTIA. "But they may be underestimating their exposure and how much they need to invest in cybersecurity. Risk mitigation is the key, the filter through which everything should be viewed."

Security researchers have warned a zero-day flaw in Microsoft's Exchange server is being actively exploited. A second flaw, ZDI-CAN-18802, is rated 6.3/10. Details of the flaws are scanty, with GTSC's post detailing its observations of webshells with Chinese characteristics being dropped onto Exchange servers. Those webshells then "injects malicious DLLs into the memory, drops suspicious files on the attacked servers, and executes these files through the Windows Management Instrumentation Command line."

Trellix released global research revealing the cost of siloed security, weak spots in protection, and lack of confidence amongst security operations teams. The study of 9,000 global cybersecurity professionals also looks to the future of security and the technology poised to revolutionize security operations.

Two now-former eBay executives who pleaded guilty to cyberstalking charges this year have been sent down and fined tens of thousands of dollars. James Baugh, ex-senior director of safety and security at the internet tat bazaar, was sentenced to nearly five years - 57 months - behind bars, plus two years of supervised release and fined $40,000 for harassing, both electronically and physically, Ina and David Steiner, who produce EcommerceBytes, a website and newsletter critical of eBay.

Cybersecurity threats and attacks are on an upswing with no end in sight. It's clear that organizations must do more to protect their data and employees.